Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-51385
Vulnerability from cvelistv5
Published
2023-12-18 00:00
Modified
2024-08-02 22:32
Severity ?
EPSS score ?
Summary
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T22:32:09.069Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openssh.com/txt/release-9.6" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a" }, { "name": "DSA-5586", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "tags": [ "x_transferred" ], "url": "https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html" }, { "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "name": "[oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/26/4" }, { "name": "GLSA-202312-17", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202312-17" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240105-0005/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT214084" }, { "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Mar/21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-13T21:08:08.727930", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.openssh.com/txt/release-9.6" }, { "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" }, { "url": "https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a" }, { "name": "DSA-5586", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "url": "https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html" }, { "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "name": "[oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/26/4" }, { "name": "GLSA-202312-17", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202312-17" }, { "url": "https://security.netapp.com/advisory/ntap-20240105-0005/" }, { "url": "https://support.apple.com/kb/HT214084" }, { "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2024/Mar/21" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-51385", "datePublished": "2023-12-18T00:00:00", "dateReserved": "2023-12-18T00:00:00", "dateUpdated": "2024-08-02T22:32:09.069Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-51385\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-12-18T19:15:08.773\",\"lastModified\":\"2024-11-21T08:37:59.990\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.\"},{\"lang\":\"es\",\"value\":\"En ssh en OpenSSH anterior a 9.6, la inyecci\u00f3n de comandos del sistema operativo puede ocurrir si un nombre de usuario o nombre de host tiene metacaracteres de shell, y un token de expansi\u00f3n hace referencia a este nombre en ciertas situaciones. Por ejemplo, un repositorio Git que no es de confianza puede tener un subm\u00f3dulo con metacaracteres de shell en un nombre de usuario o nombre de host.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.6\",\"matchCriteriaId\":\"5308FBBB-F738-41C5-97A4-E40118E957CD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2024/Mar/21\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/26/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-17\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240105-0005/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.apple.com/kb/HT214084\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5586\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssh.com/txt/release-9.6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/18/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Mar/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/26/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240105-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT214084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5586\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssh.com/txt/release-9.6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/18/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]}]}}" } }
rhsa-2024_0455
Vulnerability from csaf_redhat
Published
2024-01-25 09:21
Modified
2024-12-17 22:31
Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
An update for openssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* openssh: potential command injection via shell metacharacters (CVE-2023-51385)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nSecurity Fix(es):\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* openssh: potential command injection via shell metacharacters (CVE-2023-51385)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0455", "url": "https://access.redhat.com/errata/RHSA-2024:0455" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0455.json" } ], "title": "Red Hat Security Advisory: openssh security update", "tracking": { "current_release_date": "2024-12-17T22:31:21+00:00", "generator": { "date": "2024-12-17T22:31:21+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:0455", "initial_release_date": "2024-01-25T09:21:45+00:00", "revision_history": [ { "date": "2024-01-25T09:21:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-01-25T09:21:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:31:21+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product": { "name": "Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:9.2::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.4-5.30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-sk-dummy-debuginfo@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.4-5.30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.7p1-30.el9_2.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-30.el9_2.3.aarch64", "product": { "name": "openssh-server-0:8.7p1-30.el9_2.3.aarch64", "product_id": "openssh-server-0:8.7p1-30.el9_2.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.7p1-30.el9_2.3?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.4-5.30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-sk-dummy-debuginfo@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.4-5.30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.7p1-30.el9_2.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "product": { "name": "openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "product_id": "openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.7p1-30.el9_2.3?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.4-5.30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-sk-dummy-debuginfo@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.4-5.30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.7p1-30.el9_2.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-30.el9_2.3.x86_64", "product": { "name": "openssh-server-0:8.7p1-30.el9_2.3.x86_64", "product_id": "openssh-server-0:8.7p1-30.el9_2.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.7p1-30.el9_2.3?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.4-5.30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-sk-dummy-debuginfo@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.4-5.30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-clients-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.7p1-30.el9_2.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-30.el9_2.3.s390x", "product": { "name": "openssh-server-0:8.7p1-30.el9_2.3.s390x", "product_id": "openssh-server-0:8.7p1-30.el9_2.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.7p1-30.el9_2.3?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.7p1-30.el9_2.3.src", "product": { "name": "openssh-0:8.7p1-30.el9_2.3.src", "product_id": "openssh-0:8.7p1-30.el9_2.3.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-30.el9_2.3?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.src", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-clients-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-server-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-server-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-server-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", "product_id": "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "relates_to_product_reference": "AppStream-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.src", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-clients-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-server-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-server-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-server-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.2)", "product_id": "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "relates_to_product_reference": "BaseOS-9.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-01-25T09:21:45+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0455" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2023-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2255271" } ], "notes": [ { "category": "description", "text": "A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssh: potential command injection via shell metacharacters", "title": "Vulnerability summary" }, { "category": "other", "text": "The ability to execute OS commands is dependent on what quoting is present in the user-supplied ssh_config directive. However, it is generally the user\u0027s responsibility to validate arguments passed to SSH.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51385" }, { "category": "external", "summary": "RHBZ#2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51385", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-01-25T09:21:45+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0455" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "AppStream-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "AppStream-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.src", "BaseOS-9.2.0.Z.EUS:openssh-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-askpass-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-clients-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-debugsource-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-keycat-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-server-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:openssh-sk-dummy-debuginfo-0:8.7p1-30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-0:0.10.4-5.30.el9_2.3.x86_64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.aarch64", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.ppc64le", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.s390x", "BaseOS-9.2.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.30.el9_2.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssh: potential command injection via shell metacharacters" } ] }
rhsa-2024_0594
Vulnerability from csaf_redhat
Published
2024-01-30 14:13
Modified
2024-12-17 22:32
Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
An update for openssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* openssh: potential command injection via shell metacharacters (CVE-2023-51385)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nSecurity Fix(es):\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* openssh: potential command injection via shell metacharacters (CVE-2023-51385)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0594", "url": "https://access.redhat.com/errata/RHSA-2024:0594" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0594.json" } ], "title": "Red Hat Security Advisory: openssh security update", "tracking": { "current_release_date": "2024-12-17T22:32:24+00:00", "generator": { "date": "2024-12-17T22:32:24+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:0594", "initial_release_date": "2024-01-30T14:13:55+00:00", "revision_history": [ { "date": "2024-01-30T14:13:55+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-01-30T14:13:55+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:32:24+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.8::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product": { "name": "Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:8.8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-19.el8_8.2.aarch64", "product": { "name": "openssh-server-0:8.0p1-19.el8_8.2.aarch64", "product_id": "openssh-server-0:8.0p1-19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-19.el8_8.2?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.19.el8_8.2?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "product": { "name": "openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "product_id": "openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-19.el8_8.2?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.19.el8_8.2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-19.el8_8.2.x86_64", "product": { "name": "openssh-server-0:8.0p1-19.el8_8.2.x86_64", "product_id": "openssh-server-0:8.0p1-19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-19.el8_8.2?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.19.el8_8.2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-clients-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-19.el8_8.2.s390x", "product": { "name": "openssh-server-0:8.0p1-19.el8_8.2.s390x", "product_id": "openssh-server-0:8.0p1-19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-19.el8_8.2?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.19.el8_8.2?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_8.2.src", "product": { "name": "openssh-0:8.0p1-19.el8_8.2.src", "product_id": "openssh-0:8.0p1-19.el8_8.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_8.2?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.src", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-server-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-server-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-server-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", "product_id": "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "relates_to_product_reference": "AppStream-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.src", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-server-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-server-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-server-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.8)", "product_id": "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "relates_to_product_reference": "BaseOS-8.8.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-01-30T14:13:55+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0594" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2023-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2255271" } ], "notes": [ { "category": "description", "text": "A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssh: potential command injection via shell metacharacters", "title": "Vulnerability summary" }, { "category": "other", "text": "The ability to execute OS commands is dependent on what quoting is present in the user-supplied ssh_config directive. However, it is generally the user\u0027s responsibility to validate arguments passed to SSH.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51385" }, { "category": "external", "summary": "RHBZ#2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51385", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-01-30T14:13:55+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0594" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "AppStream-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "AppStream-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.src", "BaseOS-8.8.0.Z.EUS:openssh-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-debugsource-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.19.el8_8.2.x86_64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.aarch64", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.ppc64le", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.s390x", "BaseOS-8.8.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_8.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssh: potential command injection via shell metacharacters" } ] }
rhsa-2024_0429
Vulnerability from csaf_redhat
Published
2024-01-25 08:14
Modified
2024-12-17 22:31
Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
An update for openssh is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* openssh: potential command injection via shell metacharacters (CVE-2023-51385)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openssh is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nSecurity Fix(es):\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* openssh: potential command injection via shell metacharacters (CVE-2023-51385)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0429", "url": "https://access.redhat.com/errata/RHSA-2024:0429" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0429.json" } ], "title": "Red Hat Security Advisory: openssh security update", "tracking": { "current_release_date": "2024-12-17T22:31:33+00:00", "generator": { "date": "2024-12-17T22:31:33+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:0429", "initial_release_date": "2024-01-25T08:14:09+00:00", "revision_history": [ { "date": "2024-01-25T08:14:09+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-01-25T08:14:09+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:31:33+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.6::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product": { "name": "Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:8.6::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.0p1-15.el8_6.3.src", "product": { "name": "openssh-0:8.0p1-15.el8_6.3.src", "product_id": "openssh-0:8.0p1-15.el8_6.3.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-15.el8_6.3?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-server-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-server-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.15.el8_6.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "product": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "product_id": "openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-15.el8_6.3?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.15.el8_6.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "product": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "product_id": "openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-15.el8_6.3?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-server-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-server-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.15.el8_6.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "product": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "product_id": "openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-15.el8_6.3?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-clients-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-server-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-server-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.15.el8_6.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "product": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "product_id": "openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-15.el8_6.3?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.src", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-clients-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-server-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-server-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-server-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.src", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-clients-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-server-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-server-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-server-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)", "product_id": "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "relates_to_product_reference": "BaseOS-8.6.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-01-25T08:14:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0429" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2023-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2255271" } ], "notes": [ { "category": "description", "text": "A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssh: potential command injection via shell metacharacters", "title": "Vulnerability summary" }, { "category": "other", "text": "The ability to execute OS commands is dependent on what quoting is present in the user-supplied ssh_config directive. However, it is generally the user\u0027s responsibility to validate arguments passed to SSH.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51385" }, { "category": "external", "summary": "RHBZ#2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51385", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-01-25T08:14:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0429" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "AppStream-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "AppStream-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.src", "BaseOS-8.6.0.Z.EUS:openssh-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-askpass-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-cavs-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-clients-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-debugsource-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-keycat-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-ldap-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:openssh-server-debuginfo-0:8.0p1-15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-0:0.10.3-7.15.el8_6.3.x86_64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.aarch64", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.ppc64le", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.s390x", "BaseOS-8.6.0.Z.EUS:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.15.el8_6.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssh: potential command injection via shell metacharacters" } ] }
rhsa-2024_1130
Vulnerability from csaf_redhat
Published
2024-03-05 18:18
Modified
2024-12-17 22:35
Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
An update for openssh is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* openssh: potential command injection via shell metacharacters (CVE-2023-51385)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openssh is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nSecurity Fix(es):\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* openssh: potential command injection via shell metacharacters (CVE-2023-51385)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1130", "url": "https://access.redhat.com/errata/RHSA-2024:1130" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1130.json" } ], "title": "Red Hat Security Advisory: openssh security update", "tracking": { "current_release_date": "2024-12-17T22:35:03+00:00", "generator": { "date": "2024-12-17T22:35:03+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:1130", "initial_release_date": "2024-03-05T18:18:29+00:00", "revision_history": [ { "date": "2024-03-05T18:18:29+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-05T18:18:29+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:35:03+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 9)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:9::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.4-5.34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-sk-dummy-debuginfo@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.4-5.34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.7p1-34.el9_3.3?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-34.el9_3.3.aarch64", "product": { "name": "openssh-server-0:8.7p1-34.el9_3.3.aarch64", "product_id": "openssh-server-0:8.7p1-34.el9_3.3.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.7p1-34.el9_3.3?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.4-5.34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-sk-dummy-debuginfo@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.4-5.34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.7p1-34.el9_3.3?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "product": { "name": "openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "product_id": "openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.7p1-34.el9_3.3?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.4-5.34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-sk-dummy-debuginfo@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.4-5.34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.7p1-34.el9_3.3?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-34.el9_3.3.x86_64", "product": { "name": "openssh-server-0:8.7p1-34.el9_3.3.x86_64", "product_id": "openssh-server-0:8.7p1-34.el9_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.7p1-34.el9_3.3?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "product": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "product_id": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.4-5.34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-sk-dummy-debuginfo@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.4-5.34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-clients-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.7p1-34.el9_3.3?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-0:8.7p1-34.el9_3.3.s390x", "product": { "name": "openssh-server-0:8.7p1-34.el9_3.3.s390x", "product_id": "openssh-server-0:8.7p1-34.el9_3.3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.7p1-34.el9_3.3?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.7p1-34.el9_3.3.src", "product": { "name": "openssh-0:8.7p1-34.el9_3.3.src", "product_id": "openssh-0:8.7p1-34.el9_3.3.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.7p1-34.el9_3.3?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.src", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-clients-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-server-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-server-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-server-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "relates_to_product_reference": "AppStream-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.src", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-clients-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-server-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-server-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-server-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64" }, "product_reference": "openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", "product_id": "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-05T18:18:29+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1130" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2023-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2255271" } ], "notes": [ { "category": "description", "text": "A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssh: potential command injection via shell metacharacters", "title": "Vulnerability summary" }, { "category": "other", "text": "The ability to execute OS commands is dependent on what quoting is present in the user-supplied ssh_config directive. However, it is generally the user\u0027s responsibility to validate arguments passed to SSH.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51385" }, { "category": "external", "summary": "RHBZ#2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51385", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-05T18:18:29+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1130" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "AppStream-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "AppStream-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.src", "BaseOS-9.3.0.Z.MAIN:openssh-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-askpass-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-clients-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-debugsource-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-keycat-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-server-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:openssh-sk-dummy-debuginfo-0:8.7p1-34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.4-5.34.el9_3.3.x86_64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.aarch64", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.ppc64le", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.s390x", "BaseOS-9.3.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.4-5.34.el9_3.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssh: potential command injection via shell metacharacters" } ] }
rhsa-2024_1383
Vulnerability from csaf_redhat
Published
2024-03-19 15:19
Modified
2024-12-17 22:35
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.15.0 security, enhancement, & bug fix update
Notes
Topic
Updated packages that include numerous enhancements and bug fixes are now available for Red Hat OpenShift Data Foundation 4.15.0 on Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.15/html/4.15_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated packages that include numerous enhancements and bug fixes are now available for Red Hat OpenShift Data Foundation 4.15.0 on Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.15/html/4.15_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1383", "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.15/html/4.15_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.15/html/4.15_release_notes/index" }, { "category": "external", "summary": "2005835", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005835" }, { "category": "external", "summary": "2022467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2022467" }, { "category": "external", "summary": "2126028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126028" }, { "category": "external", "summary": "2130266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130266" }, { "category": "external", "summary": "2151493", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151493" }, { "category": "external", "summary": "2165128", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165128" }, { "category": "external", "summary": "2165907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165907" }, { "category": "external", "summary": "2196858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196858" }, { "category": "external", "summary": "2207925", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207925" }, { "category": "external", "summary": "2208302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208302" }, { "category": "external", "summary": "2209616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209616" }, { "category": "external", "summary": "2210970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210970" }, { "category": "external", "summary": "2213885", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213885" }, { "category": "external", "summary": "2222254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222254" }, { "category": "external", "summary": "2228785", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228785" }, { "category": "external", "summary": "2229670", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229670" }, { "category": "external", "summary": "2231076", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231076" }, { "category": "external", "summary": "2231860", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231860" }, { "category": "external", "summary": "2233010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233010" }, { "category": "external", "summary": "2234479", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234479" }, { "category": "external", "summary": "2236384", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236384" }, { "category": "external", "summary": "2236400", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236400" }, { "category": "external", "summary": "2237427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237427" }, { "category": "external", "summary": "2237895", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237895" }, { "category": "external", "summary": "2237903", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237903" }, { "category": "external", "summary": "2237920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237920" }, { "category": "external", "summary": "2239208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239208" }, { "category": "external", "summary": "2239590", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239590" }, { "category": "external", "summary": "2239608", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239608" }, { "category": "external", "summary": "2240756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240756" }, { "category": "external", "summary": "2240908", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240908" }, { "category": "external", "summary": "2241268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241268" }, { "category": "external", "summary": "2241872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241872" }, { "category": "external", "summary": "2242309", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242309" }, { "category": "external", "summary": "2244568", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244568" }, { "category": "external", "summary": "2244569", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244569" }, { "category": "external", "summary": "2244570", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244570" }, { "category": "external", "summary": "2245004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245004" }, { "category": "external", "summary": "2246084", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246084" }, { "category": "external", "summary": "2246993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246993" }, { "category": "external", "summary": "2247094", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247094" }, { "category": "external", "summary": "2247313", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247313" }, { "category": "external", "summary": "2247518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247518" }, { "category": "external", "summary": "2247542", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247542" }, { "category": "external", "summary": "2247714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247714" }, { "category": "external", "summary": "2247731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247731" }, { "category": "external", "summary": "2247743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247743" }, { "category": "external", "summary": "2247748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247748" }, { "category": "external", "summary": "2248117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248117" }, { "category": "external", "summary": "2248664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248664" }, { "category": "external", "summary": "2248666", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248666" }, { "category": "external", "summary": "2248684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248684" }, { "category": "external", "summary": "2248832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248832" }, { "category": "external", "summary": "2249678", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249678" }, { "category": "external", "summary": "2249844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249844" }, { "category": "external", "summary": "2250092", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250092" }, { "category": "external", "summary": "2250152", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250152" }, { "category": "external", "summary": "2250636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250636" }, { "category": "external", "summary": "2250911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250911" }, { "category": "external", "summary": "2250995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250995" }, { "category": "external", "summary": "2251741", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251741" }, { "category": "external", "summary": "2252035", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252035" }, { "category": "external", "summary": "2252756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252756" }, { "category": "external", "summary": "2253185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253185" }, { "category": "external", "summary": "2253257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253257" }, { "category": "external", "summary": "2253953", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253953" }, { "category": "external", "summary": "2254159", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254159" }, { "category": "external", "summary": "2254216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254216" }, { "category": "external", "summary": "2254330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254330" }, { "category": "external", "summary": "2254333", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254333" }, { "category": "external", "summary": "2254513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254513" }, { "category": "external", "summary": "2255036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255036" }, { "category": "external", "summary": "2255194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255194" }, { "category": "external", "summary": "2255219", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255219" }, { "category": "external", "summary": "2255232", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255232" }, { "category": "external", "summary": "2255240", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255240" }, { "category": "external", "summary": "2255241", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255241" }, { "category": "external", "summary": "2255310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255310" }, { "category": "external", "summary": "2255320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255320" }, { "category": "external", "summary": "2255328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255328" }, { "category": "external", "summary": "2255332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255332" }, { "category": "external", "summary": "2255333", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255333" }, { "category": "external", "summary": "2255340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255340" }, { "category": "external", "summary": "2255343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255343" }, { "category": "external", "summary": "2255411", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255411" }, { "category": "external", "summary": "2255491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255491" }, { "category": "external", "summary": "2255499", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255499" }, { "category": "external", "summary": "2255501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255501" }, { "category": "external", "summary": "2255508", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255508" }, { "category": "external", "summary": "2255557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255557" }, { "category": "external", "summary": "2255586", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255586" }, { "category": "external", "summary": "2255890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255890" }, { "category": "external", "summary": "2256085", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256085" }, { "category": "external", "summary": "2256161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256161" }, { "category": "external", "summary": "2256456", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256456" }, { "category": "external", "summary": "2256566", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256566" }, { "category": "external", "summary": "2256580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256580" }, { "category": "external", "summary": "2256597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256597" }, { "category": "external", "summary": "2256633", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256633" }, { "category": "external", "summary": "2256637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256637" }, { "category": "external", "summary": "2256725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256725" }, { "category": "external", "summary": "2256777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256777" }, { "category": "external", "summary": "2257222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257222" }, { "category": "external", "summary": "2257296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257296" }, { "category": "external", "summary": "2257310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257310" }, { "category": "external", "summary": "2257427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257427" }, { "category": "external", "summary": "2257441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257441" }, { "category": "external", "summary": "2257634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257634" }, { "category": "external", "summary": "2257674", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257674" }, { "category": "external", "summary": "2257694", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257694" }, { "category": "external", "summary": "2257711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257711" }, { "category": "external", "summary": "2257982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257982" }, { "category": "external", "summary": "2258015", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258015" }, { "category": "external", "summary": "2258021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258021" }, { "category": "external", "summary": "2258351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258351" }, { "category": "external", "summary": "2258357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258357" }, { "category": "external", "summary": "2258560", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258560" }, { "category": "external", "summary": "2258591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258591" }, { "category": "external", "summary": "2258681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258681" }, { "category": "external", "summary": "2258744", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258744" }, { "category": "external", "summary": "2258814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258814" }, { "category": "external", "summary": "2258937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258937" }, { "category": "external", "summary": "2258974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258974" }, { "category": "external", "summary": "2259187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259187" }, { "category": "external", "summary": "2259476", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259476" }, { "category": "external", "summary": "2259632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259632" }, { "category": "external", "summary": "2259664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259664" }, { "category": "external", "summary": "2259773", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259773" }, { "category": "external", "summary": "2259852", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259852" }, { "category": "external", "summary": "2260050", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260050" }, { "category": "external", "summary": "2260131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260131" }, { "category": "external", "summary": "2260279", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260279" }, { "category": "external", "summary": "2260340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260340" }, { "category": "external", "summary": "2260818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260818" }, { "category": "external", "summary": "2261936", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261936" }, { "category": "external", "summary": "2262052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262052" }, { "category": "external", "summary": "2262252", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262252" }, { "category": "external", "summary": "2262376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262376" }, { "category": "external", "summary": "2262974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262974" }, { "category": "external", "summary": "2263319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263319" }, { "category": "external", "summary": "2263472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263472" }, { "category": "external", "summary": "2263984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263984" }, { "category": "external", "summary": "2264002", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264002" }, { "category": "external", "summary": "2264825", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264825" }, { "category": "external", "summary": "2265051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265051" }, { "category": "external", "summary": "2265109", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265109" }, { "category": "external", "summary": "2265124", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265124" }, { "category": "external", "summary": "2265514", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265514" }, { "category": "external", "summary": "2266564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266564" }, { "category": "external", "summary": "2266583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266583" }, { "category": "external", "summary": "2267209", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267209" }, { "category": "external", "summary": "2267712", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267712" }, { "category": "external", "summary": "2267857", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267857" }, { "category": "external", "summary": "2267885", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267885" }, { "category": "external", "summary": "2268407", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268407" }, { "category": "external", "summary": "2268959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268959" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1383.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.15.0 security, enhancement, \u0026 bug fix update", "tracking": { "current_release_date": "2024-12-17T22:35:50+00:00", "generator": { "date": "2024-12-17T22:35:50+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:1383", "initial_release_date": "2024-03-19T15:19:34+00:00", "revision_history": [ { "date": "2024-03-19T15:19:34+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-19T15:19:34+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:35:50+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHODF 4.15 for RHEL 9", "product": { "name": "RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9" } } } ], "category": "product_family", "name": "Red Hat OpenShift Data Foundation" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "product": { "name": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "product_id": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.15.0-37" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "product": { "name": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "product_id": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.15.0-68" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "product": { "name": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "product_id": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "product": { "name": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "product_id": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.15.0-39" } } }, { "category": "product_version", "name": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "product": { "name": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "product_id": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.15.0-58" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "product_id": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "product_id": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.15.0-13" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.15.0-81" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "product": { "name": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "product_id": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "product": { "name": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "product_id": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.15.0-79" } } }, { "category": "product_version", "name": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "product": { "name": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "product_id": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.15.0-22" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "product": { "name": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "product_id": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.15.0-57" } } }, { "category": "product_version", "name": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "product": { "name": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.15.0-6" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.15.0-15" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.15.0-15" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.15.0-54" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.15.0-10" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "product_id": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.15.0-26" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "product": { "name": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "product_id": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "product": { "name": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "product_id": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.15.0-19" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "product_id": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "product_id": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "product": { "name": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "product_id": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.15.0-21" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.15.0-103" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "product": { "name": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "product_id": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.15.0-37" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "product": { "name": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "product_id": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.15.0-68" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "product": { "name": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "product_id": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "product": { "name": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "product_id": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.15.0-39" } } }, { "category": "product_version", "name": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "product": { "name": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "product_id": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.15.0-58" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "product_id": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "product_id": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.15.0-13" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.15.0-81" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "product": { "name": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "product_id": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "product": { "name": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "product_id": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.15.0-79" } } }, { "category": "product_version", "name": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "product": { "name": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "product_id": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.15.0-22" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "product": { "name": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "product_id": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.15.0-57" } } }, { "category": "product_version", "name": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "product": { "name": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.15.0-6" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.15.0-15" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.15.0-15" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.15.0-54" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.15.0-10" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "product_id": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.15.0-26" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "product": { "name": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "product_id": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "product": { "name": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "product_id": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.15.0-19" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "product_id": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "product_id": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "product": { "name": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "product_id": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.15.0-21" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.15.0-103" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "product": { "name": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "product_id": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.15.0-37" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "product": { "name": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "product_id": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.15.0-68" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "product": { "name": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "product_id": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "product": { "name": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "product_id": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.15.0-39" } } }, { "category": "product_version", "name": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "product": { "name": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "product_id": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.15.0-58" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "product_id": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "product_id": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.15.0-13" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.15.0-81" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "product": { "name": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "product_id": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "product": { "name": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "product_id": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.15.0-79" } } }, { "category": "product_version", "name": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "product": { "name": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "product_id": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.15.0-22" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "product": { "name": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "product_id": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.15.0-57" } } }, { "category": "product_version", "name": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "product": { "name": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.15.0-6" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.15.0-15" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.15.0-15" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.15.0-54" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.15.0-10" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "product_id": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.15.0-26" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "product": { "name": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "product_id": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "product": { "name": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "product_id": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.15.0-19" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "product_id": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "product_id": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.15.0-158" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "product": { "name": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "product_id": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.15.0-21" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.15.0-103" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "product": { "name": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "product_id": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.15.0-68" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "product": { "name": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "product_id": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.15.0-39" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "product_id": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.15.0-13" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "product": { "name": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "product_id": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.15.0-79" } } }, { "category": "product_version", "name": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "product": { "name": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "product_id": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.15.0-22" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.15.0-15" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.15.0-15" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.15.0-10" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "product_id": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.15.0-26" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "product": { "name": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "product_id": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.15.0-19" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "product": { "name": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "product_id": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.15.0-21" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64" }, "product_reference": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x" }, "product_reference": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" }, "product_reference": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64" }, "product_reference": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x" }, "product_reference": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le" }, "product_reference": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64" }, "product_reference": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64" }, "product_reference": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x" }, "product_reference": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le" }, "product_reference": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64" }, "product_reference": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le" }, "product_reference": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x" }, "product_reference": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le" }, "product_reference": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64" }, "product_reference": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x" }, "product_reference": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64" }, "product_reference": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le" }, "product_reference": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x" }, "product_reference": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64" }, "product_reference": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x" }, "product_reference": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64" }, "product_reference": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le" }, "product_reference": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x" }, "product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64" }, "product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le" }, "product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le" }, "product_reference": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64" }, "product_reference": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x" }, "product_reference": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x" }, "product_reference": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le" }, "product_reference": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64" }, "product_reference": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64" }, "product_reference": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x" }, "product_reference": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le" }, "product_reference": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64" }, "product_reference": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64" }, "product_reference": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "relates_to_product_reference": "9Base-RHODF-4.15" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 as a component of RHODF 4.15 for RHEL 9", "product_id": "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64", "relates_to_product_reference": "9Base-RHODF-4.15" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-35937", "cwe": { "id": "CWE-367", "name": "Time-of-check Time-of-use (TOCTOU) Race Condition" }, "discovery_date": "2021-03-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964125" } ], "notes": [ { "category": "description", "text": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "rpm: TOCTOU race in checks for unsafe symlinks", "title": "Vulnerability summary" }, { "category": "other", "text": "System and service accounts may have the required permissions to exploit this flaw. Conversely, regular user accounts should not be allowed to manipulate RPM artifacts during installation, thus reducing the attack surface and hence the impact of this flaw considerably.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35937" }, { "category": "external", "summary": "RHBZ#1964125", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964125" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35937", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35937" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35937", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35937" } ], "release_date": "2021-06-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "rpm: TOCTOU race in checks for unsafe symlinks" }, { "cve": "CVE-2021-35938", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "discovery_date": "2021-03-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964114" } ], "notes": [ { "category": "description", "text": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "rpm: races with chown/chmod/capabilities calls during installation", "title": "Vulnerability summary" }, { "category": "other", "text": "System and service accounts may have the required permissions to exploit this flaw. Conversely, regular user accounts should not be allowed to manipulate RPM artifacts during installation, thus reducing the attack surface and hence the impact of this flaw considerably.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35938" }, { "category": "external", "summary": "RHBZ#1964114", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35938", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35938" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35938", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35938" }, { "category": "external", "summary": "https://rpm.org/wiki/Releases/4.18.0", "url": "https://rpm.org/wiki/Releases/4.18.0" } ], "release_date": "2021-06-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "rpm: races with chown/chmod/capabilities calls during installation" }, { "cve": "CVE-2021-35939", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "discovery_date": "2021-03-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964129" } ], "notes": [ { "category": "description", "text": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "rpm: checks for unsafe symlinks are not performed for intermediary directories", "title": "Vulnerability summary" }, { "category": "other", "text": "System and service accounts may have the required permissions to exploit this flaw. Conversely, regular user accounts should not be allowed to manipulate RPM artifacts during installation, thus reducing the attack surface and hence the impact of this flaw considerably.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35939" }, { "category": "external", "summary": "RHBZ#1964129", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964129" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35939", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35939" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35939", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35939" }, { "category": "external", "summary": "https://rpm.org/wiki/Releases/4.18.0", "url": "https://rpm.org/wiki/Releases/4.18.0" } ], "release_date": "2021-06-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "rpm: checks for unsafe symlinks are not performed for intermediary directories" }, { "cve": "CVE-2023-3462", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "discovery_date": "2023-08-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2228020" } ], "notes": [ { "category": "description", "text": "A flaw was found in the HashiCorp Vault. The Vault and Vault Enterprise (\u201cVault\u201d) LDAP auth method allows unauthenticated users to potentially enumerate valid accounts in the configured LDAP system by observing the response error when querying usernames.", "title": "Vulnerability description" }, { "category": "summary", "text": "Hashicorp/vault: Vault\u2019s LDAP Auth Method Allows for User Enumeration", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3462" }, { "category": "external", "summary": "RHBZ#2228020", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228020" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3462", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3462" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3462", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3462" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-24-vaults-ldap-auth-method-allows-for-user-enumeration/56714", "url": "https://discuss.hashicorp.com/t/hcsec-2023-24-vaults-ldap-auth-method-allows-for-user-enumeration/56714" } ], "release_date": "2023-07-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Hashicorp/vault: Vault\u2019s LDAP Auth Method Allows for User Enumeration" }, { "acknowledgments": [ { "names": [ "Tony Battersby" ], "organization": "Cybernetics", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-5363", "cwe": { "id": "CWE-325", "name": "Missing Cryptographic Step" }, "discovery_date": "2023-10-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2243839" } ], "notes": [ { "category": "description", "text": "A flaw was found in OpenSSL in how it processes key and initialization vector (IV) lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. Both truncations and overruns of the key and the IV will produce incorrect results and could, in some cases, trigger a memory exception.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: Incorrect cipher key and IV length processing", "title": "Vulnerability summary" }, { "category": "other", "text": "The identified bug in the processing of key and initialization vector (IV) lengths within certain symmetric cipher modes poses a moderate severity risk due to its potential impact on data confidentiality and integrity. While the truncation or overreading of key and IV lengths could lead to incorrect cryptographic operations and potential memory exceptions, the probability of exploitation is mitigated by several factors. Firstly, the affected API was recently introduced, limiting its widespread adoption. Secondly, altering key and IV lengths is not a common operation in most cryptographic implementations. Furthermore, the likelihood of vulnerability is reduced by the necessity for both communication peers to be similarly affected for decryption failures to occur, which would likely be detected during testing.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-5363" }, { "category": "external", "summary": "RHBZ#2243839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243839" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5363", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5363" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20231024.txt", "url": "https://www.openssl.org/news/secadv/20231024.txt" } ], "release_date": "2023-10-24T15:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssl: Incorrect cipher key and IV length processing" }, { "cve": "CVE-2023-5954", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-11-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2249115" } ], "notes": [ { "category": "description", "text": "A flaw was found in The HashiCorp Vault, which may be susceptible to a denial of service due to an unbounded consumption of memory when handling policy requests. This issue may allow an attacker to trigger policy checks by sending multiple inbound client requests that create a logger that is never removed from memory, leading to excessive memory consumption, causing a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: inbound client requests can trigger a denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-5954" }, { "category": "external", "summary": "RHBZ#2249115", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249115" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5954", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5954" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5954", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5954" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-33-vault-requests-triggering-policy-checks-may-lead-to-unbounded-memory-consumption/59926", "url": "https://discuss.hashicorp.com/t/hcsec-2023-33-vault-requests-triggering-policy-checks-may-lead-to-unbounded-memory-consumption/59926" } ], "release_date": "2023-11-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: inbound client requests can trigger a denial of service" }, { "acknowledgments": [ { "names": [ "Daiki Ueno" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2023-5981", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "discovery_date": "2023-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2248445" } ], "notes": [ { "category": "description", "text": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.", "title": "Vulnerability description" }, { "category": "summary", "text": "gnutls: timing side-channel in the RSA-PSK authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-5981" }, { "category": "external", "summary": "RHBZ#2248445", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5981", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5981" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5981", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5981" }, { "category": "external", "summary": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23", "url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23" } ], "release_date": "2023-11-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "To address the issue found upgrade to GnuTLS 3.8.2 or later versions.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gnutls: timing side-channel in the RSA-PSK authentication" }, { "cve": "CVE-2023-7104", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2023-12-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2256194" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in SQLite3. This issue affects the sessionReadRecord function of the ext/session/sqlite3session.c function in the make alltest Handler component. Manipulation may cause a heap-based buffer overflow to occur.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: heap-buffer-overflow at sessionfuzz", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated as having a moderate impact because it affects a non-critical component, lacks details on an easy exploitation method, and doesn\u0027t indicate severe impacts (such as remote code execution). So the risk is reduced by exploitation complexity and the absence of a clear and severe threat.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-7104" }, { "category": "external", "summary": "RHBZ#2256194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256194" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-7104", "url": "https://www.cve.org/CVERecord?id=CVE-2023-7104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-7104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7104" } ], "release_date": "2023-12-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: heap-buffer-overflow at sessionfuzz" }, { "cve": "CVE-2023-24532", "cwe": { "id": "CWE-682", "name": "Incorrect Calculation" }, "discovery_date": "2023-07-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2223355" } ], "notes": [ { "category": "description", "text": "A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-24532" }, { "category": "external", "summary": "RHBZ#2223355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24532", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532" }, { "category": "external", "summary": "https://go.dev/cl/471255", "url": "https://go.dev/cl/471255" }, { "category": "external", "summary": "https://go.dev/issue/58647", "url": "https://go.dev/issue/58647" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY", "url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-1621", "url": "https://pkg.go.dev/vuln/GO-2023-1621" } ], "release_date": "2023-03-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results" }, { "cve": "CVE-2023-26159", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-01-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2256413" } ], "notes": [ { "category": "description", "text": "An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse() function. When a new URL() throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.", "title": "Vulnerability description" }, { "category": "summary", "text": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()", "title": "Vulnerability summary" }, { "category": "other", "text": "follow-redirects is a transitive dependency of Grafana, and does not affect Red Hat Enterprise Linux 8.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-26159" }, { "category": "external", "summary": "RHBZ#2256413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256413" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26159", "url": "https://www.cve.org/CVERecord?id=CVE-2023-26159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159" } ], "release_date": "2024-01-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()" }, { "cve": "CVE-2023-27043", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-05-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2196183" } ], "notes": [ { "category": "description", "text": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.", "title": "Vulnerability description" }, { "category": "summary", "text": "python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple", "title": "Vulnerability summary" }, { "category": "other", "text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-27043" }, { "category": "external", "summary": "RHBZ#2196183", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196183" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-27043", "url": "https://www.cve.org/CVERecord?id=CVE-2023-27043" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27043", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27043" }, { "category": "external", "summary": "https://access.redhat.com/articles/7051467", "url": "https://access.redhat.com/articles/7051467" } ], "release_date": "2023-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple" }, { "cve": "CVE-2023-28486", "cwe": { "id": "CWE-117", "name": "Improper Output Neutralization for Logs" }, "discovery_date": "2023-03-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2179272" } ], "notes": [ { "category": "description", "text": "A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where sudo improperly escapes terminal control characters during logging operations. As sudo\u0027s log messages may contain user-controlled strings, this may allow an attacker to inject terminal control commands, leading to a leak of restricted information.", "title": "Vulnerability description" }, { "category": "summary", "text": "sudo: Sudo does not escape control characters in log messages", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28486" }, { "category": "external", "summary": "RHBZ#2179272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179272" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28486", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28486" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28486", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28486" } ], "release_date": "2023-03-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sudo: Sudo does not escape control characters in log messages" }, { "cve": "CVE-2023-28487", "cwe": { "id": "CWE-117", "name": "Improper Output Neutralization for Logs" }, "discovery_date": "2023-03-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2179273" } ], "notes": [ { "category": "description", "text": "A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where the \"sudoreplay -l\u0027 command improperly escapes terminal control characters. As sudo\u0027s log messages may contain user-controlled strings, this could allow an attacker to inject terminal control commands, leading to a leak of restricted information.", "title": "Vulnerability description" }, { "category": "summary", "text": "sudo: Sudo does not escape control characters in sudoreplay output", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28487" }, { "category": "external", "summary": "RHBZ#2179273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179273" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28487", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28487" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28487", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28487" } ], "release_date": "2023-03-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sudo: Sudo does not escape control characters in sudoreplay output" }, { "cve": "CVE-2023-29406", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2023-07-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2222167" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: insufficient sanitization of Host header", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-29406" }, { "category": "external", "summary": "RHBZ#2222167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0", "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0" } ], "release_date": "2023-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: insufficient sanitization of Host header" }, { "cve": "CVE-2023-29409", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-08-03T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2228743" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-29409" }, { "category": "external", "summary": "RHBZ#2228743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409" }, { "category": "external", "summary": "https://go.dev/cl/515257", "url": "https://go.dev/cl/515257" }, { "category": "external", "summary": "https://go.dev/issue/61460", "url": "https://go.dev/issue/61460" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ", "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-1987", "url": "https://pkg.go.dev/vuln/GO-2023-1987" } ], "release_date": "2023-08-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys" }, { "acknowledgments": [ { "names": [ "Takeshi Kaneko" ], "organization": "GMO Cybersecurity by Ierae, Inc." } ], "cve": "CVE-2023-39318", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2023-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2237776" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang. The html/template package did not properly handle HMTL-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: html/template: improper handling of HTML-like comments within script contexts", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39318" }, { "category": "external", "summary": "RHBZ#2237776", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318" }, { "category": "external", "summary": "https://go.dev/cl/526156", "url": "https://go.dev/cl/526156" }, { "category": "external", "summary": "https://go.dev/issue/62196", "url": "https://go.dev/issue/62196" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ", "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ" }, { "category": "external", "summary": "https://vuln.go.dev/ID/GO-2023-2041.json", "url": "https://vuln.go.dev/ID/GO-2023-2041.json" } ], "release_date": "2023-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: html/template: improper handling of HTML-like comments within script contexts" }, { "acknowledgments": [ { "names": [ "Takeshi Kaneko" ], "organization": "GMO Cybersecurity by Ierae, Inc." } ], "cve": "CVE-2023-39319", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2023-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2237773" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: html/template: improper handling of special tags within script contexts", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39319" }, { "category": "external", "summary": "RHBZ#2237773", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319" }, { "category": "external", "summary": "https://go.dev/cl/526157", "url": "https://go.dev/cl/526157" }, { "category": "external", "summary": "https://go.dev/issue/62197", "url": "https://go.dev/issue/62197" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ", "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ" }, { "category": "external", "summary": "https://vuln.go.dev/ID/GO-2023-2043.json", "url": "https://vuln.go.dev/ID/GO-2023-2043.json" } ], "release_date": "2023-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: html/template: improper handling of special tags within script contexts" }, { "acknowledgments": [ { "names": [ "Martin Seemann" ] } ], "cve": "CVE-2023-39321", "discovery_date": "2023-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2237777" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39321" }, { "category": "external", "summary": "RHBZ#2237777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39321" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321" }, { "category": "external", "summary": "https://go.dev/cl/523039", "url": "https://go.dev/cl/523039" }, { "category": "external", "summary": "https://go.dev/issue/62266", "url": "https://go.dev/issue/62266" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ", "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ" }, { "category": "external", "summary": "https://vuln.go.dev/ID/GO-2023-2044.json", "url": "https://vuln.go.dev/ID/GO-2023-2044.json" } ], "release_date": "2023-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections" }, { "acknowledgments": [ { "names": [ "Marten Seemann" ] } ], "cve": "CVE-2023-39322", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2237778" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/tls: lack of a limit on buffered post-handshake", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39322" }, { "category": "external", "summary": "RHBZ#2237778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39322" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322" }, { "category": "external", "summary": "https://go.dev/cl/523039", "url": "https://go.dev/cl/523039" }, { "category": "external", "summary": "https://go.dev/issue/62266", "url": "https://go.dev/issue/62266" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ", "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ" }, { "category": "external", "summary": "https://vuln.go.dev/ID/GO-2023-2045.json", "url": "https://vuln.go.dev/ID/GO-2023-2045.json" } ], "release_date": "2023-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: crypto/tls: lack of a limit on buffered post-handshake" }, { "cve": "CVE-2023-39615", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-08-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2235864" } ], "notes": [ { "category": "description", "text": "A flaw was found in Libxml2, where it contains a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a denial of service (DoS) by supplying a crafted XML file.", "title": "Vulnerability description" }, { "category": "summary", "text": "libxml2: crafted xml can cause global buffer overflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39615" }, { "category": "external", "summary": "RHBZ#2235864", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235864" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39615", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39615" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39615", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39615" }, { "category": "external", "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535", "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535" } ], "release_date": "2023-08-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libxml2: crafted xml can cause global buffer overflow" }, { "cve": "CVE-2023-42282", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2024-02-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265161" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the NPM IP Package. This flaw allows an attacker to perform arbitrary code execution and obtain sensitive information via the isPublic() function by inducing a Server-Side Request Forgery (SSRF) attack and obtaining access to normally inaccessible resources.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ip: arbitrary code execution via the isPublic() function", "title": "Vulnerability summary" }, { "category": "other", "text": "It appears that npm does not utilize the bundled code therefore Red Hat Enterprise Linux is not affected by this vulnerability.\n\nWhile the vulnerability in the NPM IP Package presents a significant security concern, it\u0027s categorized as important rather than critical due to several factors. Firstly, the misclassification of the private IP address 0x7f.1 as public by the isPublic() function does not directly lead to remote code execution or unauthorized access to critical systems. Instead, it facilitates SSRF attacks, which typically require additional conditions to fully exploit, such as the ability to influence server-side requests and responses. Additionally, the impact of SSRF attacks can vary depending on the specific environment and configuration of the affected system. While SSRF attacks can potentially lead to data exposure, service disruption, or lateral movement within a network, their severity is often mitigated by factors such as network segmentation, access controls, and the availability of sensitive resources.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-42282" }, { "category": "external", "summary": "RHBZ#2265161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265161" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-42282", "url": "https://www.cve.org/CVERecord?id=CVE-2023-42282" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42282", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42282" }, { "category": "external", "summary": "https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html", "url": "https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html" } ], "release_date": "2024-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nodejs-ip: arbitrary code execution via the isPublic() function" }, { "cve": "CVE-2023-42465", "cwe": { "id": "CWE-1319", "name": "Improper Protection against Electromagnetic Fault Injection (EM-FI)" }, "discovery_date": "2023-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2255568" } ], "notes": [ { "category": "description", "text": "A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user.", "title": "Vulnerability description" }, { "category": "summary", "text": "sudo: Targeted Corruption of Register and Stack Variables", "title": "Vulnerability summary" }, { "category": "other", "text": "\"Mayhem\" is a potent attack technique that focuses on the core components of computing systems, specifically the CPU internals and stack variables. This method signifies a noteworthy advancement in cyber threats, demonstrating a successful ability to tamper with a computer\u0027s memory and compromise both stack and register variables. Capitalizing on the well-known Rowhammer effect, wherein swift access to a DRAM row induces bit flips in neighboring rows, this clever attack exploits these bit flips to disrupt stack variables and manipulate register values within a given process. The manipulation is accomplished by targeting register values stored in the process\u0027s stack, which, once flushed out to memory, become vulnerable to Rowhammer attacks. When reloaded, these corrupted values cause chaos, compromising the integrity of the entire process. It\u0027s important to note that this attack is confined to the local system, leading us to categorize it as a moderate threat.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-42465" }, { "category": "external", "summary": "RHBZ#2255568", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255568" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-42465", "url": "https://www.cve.org/CVERecord?id=CVE-2023-42465" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42465", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42465" }, { "category": "external", "summary": "https://arxiv.org/pdf/2309.02545.pdf", "url": "https://arxiv.org/pdf/2309.02545.pdf" }, { "category": "external", "summary": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f", "url": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f" } ], "release_date": "2023-09-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "In general to address this issue, it\u0027s crucial to implement robust logic that prevents unintended execution from a single-bit flip. \n\nBut mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sudo: Targeted Corruption of Register and Stack Variables" }, { "cve": "CVE-2023-43646", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-09-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2241149" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the get-func-name package in the chai module. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "get-func-name: ReDoS in chai module", "title": "Vulnerability summary" }, { "category": "other", "text": "- This vulnerability can be exploited when there is an imbalance in parentheses, which results in excessive backtracking and subsequently increases the CPU load and processing time significantly. This vulnerability can be triggered using the following input: \u0027\\t\u0027.repeat(54773) + \u0027\\t/function/i\u0027\n\n- The get-func-name package is a build-time dependency in Red Hat products, which reduces the chance of successful exploitation. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-43646" }, { "category": "external", "summary": "RHBZ#2241149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241149" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-43646", "url": "https://www.cve.org/CVERecord?id=CVE-2023-43646" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43646", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43646" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-4q6p-r6v2-jvc5", "url": "https://github.com/advisories/GHSA-4q6p-r6v2-jvc5" }, { "category": "external", "summary": "https://github.com/chaijs/get-func-name/blob/78ad756441a83f3dc203e50f76c113ae3ac017dc/index.js#L15", "url": "https://github.com/chaijs/get-func-name/blob/78ad756441a83f3dc203e50f76c113ae3ac017dc/index.js#L15" } ], "release_date": "2023-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "get-func-name: ReDoS in chai module" }, { "cve": "CVE-2023-43804", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2023-10-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2242493" } ], "notes": [ { "category": "description", "text": "A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn\u0027t treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn\u0027t disable redirects explicitly.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-43804" }, { "category": "external", "summary": "RHBZ#2242493", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242493" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-43804", "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804" } ], "release_date": "2023-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects" }, { "cve": "CVE-2023-45803", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2023-10-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2246840" } ], "notes": [ { "category": "description", "text": "A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn\u0027t remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren\u0027t putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn\u0027t exploitable.", "title": "Vulnerability description" }, { "category": "summary", "text": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET", "title": "Vulnerability summary" }, { "category": "other", "text": "Both of the following conditions must be true to be affected by this vulnerability: \n1. Using urllib3 and submitting sensitive information in the HTTP request body such as form data or JSON\n2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-45803" }, { "category": "external", "summary": "RHBZ#2246840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246840" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45803", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803" }, { "category": "external", "summary": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9", "url": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9" }, { "category": "external", "summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4", "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4" }, { "category": "external", "summary": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get", "url": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get" } ], "release_date": "2023-10-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Users unable to update should disable redirects for services that aren\u0027t expecting to respond with redirects with `redirects=False`, disable automatic redirects with `redirects=False`, and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET" }, { "acknowledgments": [ { "names": [ "Harry Sintonen" ], "organization": "reported" }, { "names": [ "Daniel Stenberg" ], "organization": "patched" } ], "cve": "CVE-2023-46218", "cwe": { "id": "CWE-201", "name": "Insertion of Sensitive Information Into Sent Data" }, "discovery_date": "2023-11-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252030" } ], "notes": [ { "category": "description", "text": "A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set \"super cookies\" in curl that are passed back to more origins than what is otherwise allowed or possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: information disclosure by exploiting a mixed case flaw", "title": "Vulnerability summary" }, { "category": "other", "text": "When curl is built without PSL support, it cannot protect against this problem but it is expected to not allow \"too wide\" cookies when PSL support is enabled.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-46218" }, { "category": "external", "summary": "RHBZ#2252030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-46218", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-46218.html", "url": "https://curl.se/docs/CVE-2023-46218.html" } ], "release_date": "2023-12-06T07:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: information disclosure by exploiting a mixed case flaw" }, { "cve": "CVE-2023-48631", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-12-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254559" } ], "notes": [ { "category": "description", "text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in Adobe\u0027s css-tools when parsing CSS. This issue occurs due to improper input validation and may allow an attacker to use a carefully crafted input string to cause a denial of service, especially when attempting to parse CSS.", "title": "Vulnerability description" }, { "category": "summary", "text": "css-tools: regular expression denial of service (ReDoS) when parsing CSS", "title": "Vulnerability summary" }, { "category": "other", "text": "The Regular Expression Denial of Service (ReDoS) vulnerability in css-tools, triggered by improper input validation when parsing CSS, is considered of moderate severity. While it can lead to a denial of service by causing the application to become unresponsive, the impact is limited to scenarios where an attacker can provide crafted input. Additionally, the absence of evidence of active exploitation in the wild and contextual factors, such as the software\u0027s usage, contribute to the moderate severity rating.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48631" }, { "category": "external", "summary": "RHBZ#2254559", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254559" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48631", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48631" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48631", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48631" }, { "category": "external", "summary": "https://github.com/adobe/css-tools/security/advisories/GHSA-prr3-c3m5-p7q2", "url": "https://github.com/adobe/css-tools/security/advisories/GHSA-prr3-c3m5-p7q2" } ], "release_date": "2023-12-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "css-tools: regular expression denial of service (ReDoS) when parsing CSS" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2023-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2255271" } ], "notes": [ { "category": "description", "text": "A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssh: potential command injection via shell metacharacters", "title": "Vulnerability summary" }, { "category": "other", "text": "The ability to execute OS commands is dependent on what quoting is present in the user-supplied ssh_config directive. However, it is generally the user\u0027s responsibility to validate arguments passed to SSH.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51385" }, { "category": "external", "summary": "RHBZ#2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51385", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssh: potential command injection via shell metacharacters" }, { "cve": "CVE-2024-0553", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "discovery_date": "2024-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258412" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "title": "Vulnerability description" }, { "category": "summary", "text": "gnutls: incomplete fix for CVE-2023-5981", "title": "Vulnerability summary" }, { "category": "other", "text": "The identified vulnerability in the GnuTLS library, designated as CVE-2024-0553, presents a moderate severity concern due to its potential for facilitating timing side-channel attacks in RSA-PSK ciphersuites. While the flaw allows for the exploitation of timing differentials during the key exchange process, enabling attackers to infer sensitive data, its impact is constrained by several factors. Firstly, successful exploitation requires precise timing measurements and sophisticated analysis techniques, posing a significant barrier to entry for potential attackers. Additionally, the effectiveness of the attack is contingent on environmental factors such as network latency and system load, further limiting its practical feasibility. \n\n This issue marked as an incomplete resolution for a previously identified vulnerability, CVE-2023-5981, indicating a potential persistence or recurrence of the problem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-0553" }, { "category": "external", "summary": "RHBZ#2258412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258412" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-0553", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0553" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-0553", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0553" }, { "category": "external", "summary": "https://gitlab.com/gnutls/gnutls/-/issues/1522", "url": "https://gitlab.com/gnutls/gnutls/-/issues/1522" }, { "category": "external", "summary": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html", "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html" } ], "release_date": "2024-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gnutls: incomplete fix for CVE-2023-5981" }, { "cve": "CVE-2024-0567", "cwe": { "id": "CWE-347", "name": "Improper Verification of Cryptographic Signature" }, "discovery_date": "2024-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258544" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "gnutls: rejects certificate chain with distributed trust", "title": "Vulnerability summary" }, { "category": "other", "text": "The issue is marked as moderate because it involves a vulnerability in GnuTLS, specifically affecting Cockpit, which utilizes GnuTLS. The vulnerability arises when a certificate chain with distributed trust is rejected during validation using cockpit-certificate-ensure. Although this flaw could potentially be exploited by an unauthenticated remote attacker to trigger a denial of service attack on the client, it\u0027s important to note that specific server configurations are required for client authentication requests.\n\nThis is a bug in the GnuTLS library, Cockpit does not copy this code, but uses the shared lib at runtime. Hence, patching gnutls is necessary and sufficient to address this, hance Cockpit is not affected by this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-0567" }, { "category": "external", "summary": "RHBZ#2258544", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258544" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-0567", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0567" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-0567", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0567" }, { "category": "external", "summary": "https://gitlab.com/gnutls/gnutls/-/issues/1521", "url": "https://gitlab.com/gnutls/gnutls/-/issues/1521" }, { "category": "external", "summary": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html", "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html" } ], "release_date": "2024-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-19T15:19:34+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x", "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le", "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x", "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64", "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64", "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64", "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le", "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64", "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64", "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x", "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64", "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64", "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64", "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x", "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le", "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le", "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64", "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64", "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x", "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x", "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64", "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x", "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gnutls: rejects certificate chain with distributed trust" } ] }
rhsa-2024_0606
Vulnerability from csaf_redhat
Published
2024-01-30 14:59
Modified
2024-12-17 22:32
Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
An update for openssh is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* openssh: potential command injection via shell metacharacters (CVE-2023-51385)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openssh is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nSecurity Fix(es):\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* openssh: potential command injection via shell metacharacters (CVE-2023-51385)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0606", "url": "https://access.redhat.com/errata/RHSA-2024:0606" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0606.json" } ], "title": "Red Hat Security Advisory: openssh security update", "tracking": { "current_release_date": "2024-12-17T22:32:34+00:00", "generator": { "date": "2024-12-17T22:32:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:0606", "initial_release_date": "2024-01-30T14:59:23+00:00", "revision_history": [ { "date": "2024-01-30T14:59:23+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-01-30T14:59:23+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:32:34+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-19.el8_9.2.aarch64", "product": { "name": "openssh-server-0:8.0p1-19.el8_9.2.aarch64", "product_id": "openssh-server-0:8.0p1-19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-19.el8_9.2?arch=aarch64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.19.el8_9.2?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "product": { "name": "openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "product_id": "openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-19.el8_9.2?arch=ppc64le" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.19.el8_9.2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-19.el8_9.2.x86_64", "product": { "name": "openssh-server-0:8.0p1-19.el8_9.2.x86_64", "product_id": "openssh-server-0:8.0p1-19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-19.el8_9.2?arch=x86_64" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.19.el8_9.2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "product": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-clients-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-clients-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-clients@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "openssh-server-0:8.0p1-19.el8_9.2.s390x", "product": { "name": "openssh-server-0:8.0p1-19.el8_9.2.s390x", "product_id": "openssh-server-0:8.0p1-19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh-server@8.0p1-19.el8_9.2?arch=s390x" } } }, { "category": "product_version", "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "product": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "product_id": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.19.el8_9.2?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssh-0:8.0p1-19.el8_9.2.src", "product": { "name": "openssh-0:8.0p1-19.el8_9.2.src", "product_id": "openssh-0:8.0p1-19.el8_9.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssh@8.0p1-19.el8_9.2?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.src", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-server-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-server-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-server-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "relates_to_product_reference": "AppStream-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.src", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-server-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-server-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-server-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64" }, "product_reference": "openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64" }, "product_reference": "pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" }, "product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "relates_to_product_reference": "BaseOS-8.9.0.Z.MAIN" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-01-30T14:59:23+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0606" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2023-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2255271" } ], "notes": [ { "category": "description", "text": "A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssh: potential command injection via shell metacharacters", "title": "Vulnerability summary" }, { "category": "other", "text": "The ability to execute OS commands is dependent on what quoting is present in the user-supplied ssh_config directive. However, it is generally the user\u0027s responsibility to validate arguments passed to SSH.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51385" }, { "category": "external", "summary": "RHBZ#2255271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51385", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-01-30T14:59:23+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", "product_ids": [ "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0606" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "AppStream-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "AppStream-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.src", "BaseOS-8.9.0.Z.MAIN:openssh-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-debugsource-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:openssh-server-debuginfo-0:8.0p1-19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.x86_64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.ppc64le", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.s390x", "BaseOS-8.9.0.Z.MAIN:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssh: potential command injection via shell metacharacters" } ] }
ncsc-2024-0325
Vulnerability from csaf_ncscnl
Published
2024-08-07 09:04
Modified
2024-08-07 09:04
Summary
Kwetsbaarheden verholpen in Aruba Networks ArubaOS en InstantOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Aruba Networks heeft kwetsbaarheden verholpen in ArubaOS en InstantOS.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om willekeurige code uit te voeren op het kwetsbare systeem.
Succesvol misbruik vereist dat de kwaadwillende toegang heeft tot de PAPI-poort, of de SSH-poort. Beide poorten zijn onder normale omstandigheden niet publiek toegankelijk.
Oplossingen
Aruba Networks heeft updates uitgebracht van ArubaOS en InstantOS om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-222
Truncation of Security-relevant Information
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Aruba Networks heeft kwetsbaarheden verholpen in ArubaOS en InstantOS.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om willekeurige code uit te voeren op het kwetsbare systeem.\n\nSuccesvol misbruik vereist dat de kwaadwillende toegang heeft tot de PAPI-poort, of de SSH-poort. Beide poorten zijn onder normale omstandigheden niet publiek toegankelijk.", "title": "Interpretaties" }, { "category": "description", "text": "Aruba Networks heeft updates uitgebracht van ArubaOS en InstantOS om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Truncation of Security-relevant Information", "title": "CWE-222" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - nvd", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us\u0026docLocale=en_US" } ], "title": "Kwetsbaarheden verholpen in Aruba Networks ArubaOS en InstantOS", "tracking": { "current_release_date": "2024-08-07T09:04:14.955844Z", "id": "NCSC-2024-0325", "initial_release_date": "2024-08-07T09:04:14.955844Z", "revision_history": [ { "date": "2024-08-07T09:04:14.955844Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "aruba_instantos", "product": { "name": "aruba_instantos", "product_id": "CSAFPID-1606153", "product_identification_helper": { "cpe": "cpe:2.3:a:hpe:aruba_instantos:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "arubaos-cx", "product": { "name": "arubaos-cx", "product_id": "CSAFPID-346335", "product_identification_helper": { "cpe": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "hpe" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "other", "text": "Truncation of Security-relevant Information", "title": "CWE-222" } ], "references": [ { "category": "self", "summary": "CVE-2023-48795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json" } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "references": [ { "category": "self", "summary": "CVE-2023-51385", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json" } ], "title": "CVE-2023-51385" }, { "cve": "CVE-2024-42393", "references": [ { "category": "self", "summary": "CVE-2024-42393", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42393.json" } ], "title": "CVE-2024-42393" }, { "cve": "CVE-2024-42394", "references": [ { "category": "self", "summary": "CVE-2024-42394", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42394.json" } ], "title": "CVE-2024-42394" }, { "cve": "CVE-2024-42395", "references": [ { "category": "self", "summary": "CVE-2024-42395", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42395.json" } ], "title": "CVE-2024-42395" }, { "cve": "CVE-2024-42396", "references": [ { "category": "self", "summary": "CVE-2024-42396", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42396.json" } ], "title": "CVE-2024-42396" }, { "cve": "CVE-2024-42397", "references": [ { "category": "self", "summary": "CVE-2024-42397", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42397.json" } ], "title": "CVE-2024-42397" }, { "cve": "CVE-2024-42398", "references": [ { "category": "self", "summary": "CVE-2024-42398", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42398.json" } ], "title": "CVE-2024-42398" }, { "cve": "CVE-2024-42399", "references": [ { "category": "self", "summary": "CVE-2024-42399", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42399.json" } ], "title": "CVE-2024-42399" }, { "cve": "CVE-2024-42400", "references": [ { "category": "self", "summary": "CVE-2024-42400", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42400.json" } ], "title": "CVE-2024-42400" } ] }
NCSC-2024-0325
Vulnerability from csaf_ncscnl
Published
2024-08-07 09:04
Modified
2024-08-07 09:04
Summary
Kwetsbaarheden verholpen in Aruba Networks ArubaOS en InstantOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Aruba Networks heeft kwetsbaarheden verholpen in ArubaOS en InstantOS.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om willekeurige code uit te voeren op het kwetsbare systeem.
Succesvol misbruik vereist dat de kwaadwillende toegang heeft tot de PAPI-poort, of de SSH-poort. Beide poorten zijn onder normale omstandigheden niet publiek toegankelijk.
Oplossingen
Aruba Networks heeft updates uitgebracht van ArubaOS en InstantOS om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-222
Truncation of Security-relevant Information
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Aruba Networks heeft kwetsbaarheden verholpen in ArubaOS en InstantOS.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om willekeurige code uit te voeren op het kwetsbare systeem.\n\nSuccesvol misbruik vereist dat de kwaadwillende toegang heeft tot de PAPI-poort, of de SSH-poort. Beide poorten zijn onder normale omstandigheden niet publiek toegankelijk.", "title": "Interpretaties" }, { "category": "description", "text": "Aruba Networks heeft updates uitgebracht van ArubaOS en InstantOS om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Truncation of Security-relevant Information", "title": "CWE-222" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - nvd", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us\u0026docLocale=en_US" } ], "title": "Kwetsbaarheden verholpen in Aruba Networks ArubaOS en InstantOS", "tracking": { "current_release_date": "2024-08-07T09:04:14.955844Z", "id": "NCSC-2024-0325", "initial_release_date": "2024-08-07T09:04:14.955844Z", "revision_history": [ { "date": "2024-08-07T09:04:14.955844Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "aruba_instantos", "product": { "name": "aruba_instantos", "product_id": "CSAFPID-1606153", "product_identification_helper": { "cpe": "cpe:2.3:a:hpe:aruba_instantos:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "arubaos-cx", "product": { "name": "arubaos-cx", "product_id": "CSAFPID-346335", "product_identification_helper": { "cpe": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "hpe" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "other", "text": "Truncation of Security-relevant Information", "title": "CWE-222" } ], "references": [ { "category": "self", "summary": "CVE-2023-48795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json" } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "references": [ { "category": "self", "summary": "CVE-2023-51385", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json" } ], "title": "CVE-2023-51385" }, { "cve": "CVE-2024-42393", "references": [ { "category": "self", "summary": "CVE-2024-42393", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42393.json" } ], "title": "CVE-2024-42393" }, { "cve": "CVE-2024-42394", "references": [ { "category": "self", "summary": "CVE-2024-42394", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42394.json" } ], "title": "CVE-2024-42394" }, { "cve": "CVE-2024-42395", "references": [ { "category": "self", "summary": "CVE-2024-42395", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42395.json" } ], "title": "CVE-2024-42395" }, { "cve": "CVE-2024-42396", "references": [ { "category": "self", "summary": "CVE-2024-42396", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42396.json" } ], "title": "CVE-2024-42396" }, { "cve": "CVE-2024-42397", "references": [ { "category": "self", "summary": "CVE-2024-42397", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42397.json" } ], "title": "CVE-2024-42397" }, { "cve": "CVE-2024-42398", "references": [ { "category": "self", "summary": "CVE-2024-42398", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42398.json" } ], "title": "CVE-2024-42398" }, { "cve": "CVE-2024-42399", "references": [ { "category": "self", "summary": "CVE-2024-42399", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42399.json" } ], "title": "CVE-2024-42399" }, { "cve": "CVE-2024-42400", "references": [ { "category": "self", "summary": "CVE-2024-42400", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42400.json" } ], "title": "CVE-2024-42400" } ] }
NCSC-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" }, { "category": "general", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "general", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "general", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" }, { "category": "general", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "general", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "general", "text": "Inefficient Algorithmic Complexity", "title": "CWE-407" }, { "category": "general", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" }, { "category": "general", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" }, { "category": "general", "text": "Double Free", "title": "CWE-415" }, { "category": "general", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "general", "text": "Uncontrolled Search Path Element", "title": "CWE-427" }, { "category": "general", "text": "Encoding Error", "title": "CWE-172" }, { "category": "general", "text": "Integer Overflow to Buffer Overflow", "title": "CWE-680" }, { "category": "general", "text": "Untrusted Search Path", "title": "CWE-426" }, { "category": "general", "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "title": "CWE-843" }, { "category": "general", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" }, { "category": "general", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "general", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "general", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "general", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" }, { "category": "general", "text": "Authorization Bypass Through User-Controlled Key", "title": "CWE-639" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "CWE-275", "title": "CWE-275" }, { "category": "general", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" }, { "category": "general", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" }, { "category": "general", "text": "NULL Pointer Dereference", "title": "CWE-476" }, { "category": "general", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "general", "text": "Exposure of Resource to Wrong Sphere", "title": "CWE-668" }, { "category": "general", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" }, { "category": "general", "text": "Use of a Broken or Risky Cryptographic Algorithm", "title": "CWE-327" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "general", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" }, { "category": "general", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "general", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "general", "text": "Incorrect Conversion between Numeric Types", "title": "CWE-681" }, { "category": "general", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" }, { "category": "general", "text": "Improper Privilege Management", "title": "CWE-269" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Neutralization of Alternate XSS Syntax", "title": "CWE-87" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" }, { "category": "general", "text": "CWE-18", "title": "CWE-18" }, { "category": "general", "text": "Covert Timing Channel", "title": "CWE-385" }, { "category": "general", "text": "Unchecked Input for Loop Condition", "title": "CWE-606" }, { "category": "general", "text": "Integer Coercion Error", "title": "CWE-192" }, { "category": "general", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "general", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" }, { "category": "general", "text": "Truncation of Security-relevant Information", "title": "CWE-222" }, { "category": "general", "text": "Incorrect Calculation of Buffer Size", "title": "CWE-131" }, { "category": "general", "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "title": "CWE-59" }, { "category": "general", "text": "Missing Critical Step in Authentication", "title": "CWE-304" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", "url": "https://www.oracle.com/security-alerts/cpuoct2024.html" } ], "title": "Kwetsbaarheden verholpen in Oracle Database producten", "tracking": { "current_release_date": "2024-10-17T13:15:19.595269Z", "id": "NCSC-2024-0411", "initial_release_date": "2024-10-17T13:15:19.595269Z", "revision_history": [ { "date": "2024-10-17T13:15:19.595269Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "database_-_grid", "product": { "name": "database_-_grid", "product_id": "CSAFPID-1673504", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_grid", "product": { "name": "database_-_grid", "product_id": "CSAFPID-1673506", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673386", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673385", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673442", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673507", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673509", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673508", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph_mapviewer", "product": { "name": "spatial_and_graph_mapviewer", "product_id": "CSAFPID-912561", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-764250", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673511", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673512", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-816800", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673529", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "fleet_patching_and_provisioning_-_micronaut", "product": { "name": "fleet_patching_and_provisioning_-_micronaut", "product_id": "CSAFPID-1673492", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "fleet_patching_and_provisioning", "product": { "name": "fleet_patching_and_provisioning", "product_id": "CSAFPID-1503603", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673445", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673443", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673444", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673451", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673450", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673452", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-816798", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-816799", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-1673525", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912046", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503299", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816855", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816361", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912045", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503302", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912044", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503306", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816852", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912600", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816853", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912601", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816854", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sqlcl", "product": { "name": "sqlcl", "product_id": "CSAFPID-816801", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sqlcl", "product": { "name": "sqlcl", "product_id": "CSAFPID-1673405", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_administration", "product": { "name": "application_express_administration", "product_id": "CSAFPID-764731", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_customers_plugin", "product": { "name": "application_express_customers_plugin", "product_id": "CSAFPID-764732", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_team_calendar_plugin", "product": { "name": "application_express_team_calendar_plugin", "product_id": "CSAFPID-764733", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-266119", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1673510", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1503575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1673188", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-765238", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-765239", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "blockchain_platform", "product": { "name": "blockchain_platform", "product_id": "CSAFPID-764779", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "blockchain_platform", "product": { "name": "blockchain_platform", "product_id": "CSAFPID-89587", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-765259", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-187448", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-94075", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-220886", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-611394", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-816317", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-912567", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-1503612", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-1673479", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_essbase", "product": { "name": "oracle_essbase", "product_id": "CSAFPID-1650506", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-816845", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1650825", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1673404", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1650831", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data", "product": { "name": "goldengate_big_data", "product_id": "CSAFPID-764274", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-764752", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-1673384", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-220192", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-220193", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-816846", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-611390", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-764803", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_veridata", "product": { "name": "goldengate_veridata", "product_id": "CSAFPID-764275", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-342816", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1650767", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-485902", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503736", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-219912", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503739", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1650765", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503738", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate_stream_analytics", "product": { "name": "oracle_goldengate_stream_analytics", "product_id": "CSAFPID-1650515", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "management_pack_for__goldengate", "product": { "name": "management_pack_for__goldengate", "product_id": "CSAFPID-764861", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "management_pack_for__goldengate", "product": { "name": "management_pack_for__goldengate", "product_id": "CSAFPID-1503640", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate_studio", "product": { "name": "oracle_goldengate_studio", "product_id": "CSAFPID-1650835", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate", "product": { "name": "oracle_goldengate", "product_id": "CSAFPID-1650575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764813", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1503661", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1503663", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673497", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764764", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764765", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673491", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764766", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673495", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764767", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673493", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673489", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673488", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650757", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650758", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650761", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650760", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650759", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_nosql_database", "product": { "name": "oracle_nosql_database", "product_id": "CSAFPID-1650584", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_secure_backup", "product": { "name": "oracle_secure_backup", "product_id": "CSAFPID-1650563", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-667692", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-345049", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-611417", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-1673422", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_sql_developer", "product": { "name": "oracle_sql_developer", "product_id": "CSAFPID-1650638", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-764822", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-220643", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-816870", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-816871", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-1673397", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" }, { "branches": [ { "category": "product_name", "name": "oracle_application_express", "product": { "name": "oracle_application_express", "product_id": "CSAFPID-1673144", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle_corporation" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-220886", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764822", "CSAFPID-1650515", "CSAFPID-1650638", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-89587", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044" ] }, "references": [ { "category": "self", "summary": "CVE-2022-1471", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json" } ], "title": "CVE-2022-1471" }, { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "notes": [ { "category": "other", "text": "Integer Coercion Error", "title": "CWE-192" }, { "category": "other", "text": "Incorrect Conversion between Numeric Types", "title": "CWE-681" } ], "product_status": { "known_affected": [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2022-34169", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2022-34169" }, { "cve": "CVE-2022-36033", "cwe": { "id": "CWE-87", "name": "Improper Neutralization of Alternate XSS Syntax" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Alternate XSS Syntax", "title": "CWE-87" }, { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2022-36033", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2022-36033" }, { "cve": "CVE-2022-37454", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Integer Overflow to Buffer Overflow", "title": "CWE-680" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861" ] }, "references": [ { "category": "self", "summary": "CVE-2022-37454", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861" ] } ], "title": "CVE-2022-37454" }, { "cve": "CVE-2022-38136", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-38136", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json" } ], "title": "CVE-2022-38136" }, { "cve": "CVE-2022-40196", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-40196", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json" } ], "title": "CVE-2022-40196" }, { "cve": "CVE-2022-41342", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-41342", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json" } ], "title": "CVE-2022-41342" }, { "cve": "CVE-2022-42919", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "other", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "other", "text": "Improper Privilege Management", "title": "CWE-269" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2022-42919", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json" } ], "title": "CVE-2022-42919" }, { "cve": "CVE-2022-45061", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Inefficient Algorithmic Complexity", "title": "CWE-407" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2022-45061", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] } ], "title": "CVE-2022-45061" }, { "cve": "CVE-2022-46337", "product_status": { "known_affected": [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692" ] }, "references": [ { "category": "self", "summary": "CVE-2022-46337", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692" ] } ], "title": "CVE-2022-46337" }, { "cve": "CVE-2023-2976", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "notes": [ { "category": "other", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" } ], "product_status": { "known_affected": [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-2976", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-2976" }, { "cve": "CVE-2023-4043", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "other", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4043", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-4043" }, { "cve": "CVE-2023-4759", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "notes": [ { "category": "other", "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "title": "CWE-59" }, { "category": "other", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" } ], "product_status": { "known_affected": [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4759", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-4759" }, { "cve": "CVE-2023-4863", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4863", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json" } ], "title": "CVE-2023-4863" }, { "cve": "CVE-2023-5072", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-5072", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-5072" }, { "cve": "CVE-2023-26031", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "notes": [ { "category": "other", "text": "Untrusted Search Path", "title": "CWE-426" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26031", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-26031" }, { "cve": "CVE-2023-26551", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26551", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json" } ], "scores": [ { "cvss_v3": { "baseScore": 0.0, "baseSeverity": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26551" }, { "cve": "CVE-2023-26552", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26552", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26552" }, { "cve": "CVE-2023-26553", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26553", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26553" }, { "cve": "CVE-2023-26554", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26554", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26554" }, { "cve": "CVE-2023-26555", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26555", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26555" }, { "cve": "CVE-2023-28484", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-28484", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-28484" }, { "cve": "CVE-2023-29469", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Double Free", "title": "CWE-415" } ], "product_status": { "known_affected": [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-29469", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-29469" }, { "cve": "CVE-2023-33201", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-33201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-33201" }, { "cve": "CVE-2023-37920", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "other", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "other", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612" ] }, "references": [ { "category": "self", "summary": "CVE-2023-37920", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612" ] } ], "title": "CVE-2023-37920" }, { "cve": "CVE-2023-39410", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-39410", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-39410" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-44981", "cwe": { "id": "CWE-639", "name": "Authorization Bypass Through User-Controlled Key" }, "notes": [ { "category": "other", "text": "Authorization Bypass Through User-Controlled Key", "title": "CWE-639" } ], "product_status": { "known_affected": [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44981", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601" ] } ], "title": "CVE-2023-44981" }, { "cve": "CVE-2023-45288", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-45288", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-45288" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "other", "text": "Truncation of Security-relevant Information", "title": "CWE-222" } ], "product_status": { "known_affected": [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-48795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2023-49083", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-49083", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-49083" }, { "cve": "CVE-2023-51384", "cwe": { "id": "CWE-304", "name": "Missing Critical Step in Authentication" }, "notes": [ { "category": "other", "text": "Missing Critical Step in Authentication", "title": "CWE-304" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-51384", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-51385", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-51385" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-52425", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-52426", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-1874", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-1874", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-1874" }, { "cve": "CVE-2024-2408", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "other", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "other", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "other", "text": "Use of a Broken or Risky Cryptographic Algorithm", "title": "CWE-327" }, { "category": "other", "text": "Covert Timing Channel", "title": "CWE-385" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2408", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-2408" }, { "cve": "CVE-2024-2511", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2511", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-2511" }, { "cve": "CVE-2024-4577", "cwe": { "id": "CWE-88", "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" }, { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4577", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-4577" }, { "cve": "CVE-2024-4603", "cwe": { "id": "CWE-606", "name": "Unchecked Input for Loop Condition" }, "notes": [ { "category": "other", "text": "Unchecked Input for Loop Condition", "title": "CWE-606" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4603", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-4603" }, { "cve": "CVE-2024-4741", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4741", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-4741" }, { "cve": "CVE-2024-5458", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5458", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-5458" }, { "cve": "CVE-2024-5535", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "product_status": { "known_affected": [ "CSAFPID-1673508", "CSAFPID-1673525" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5535", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673508", "CSAFPID-1673525" ] } ], "title": "CVE-2024-5535" }, { "cve": "CVE-2024-5585", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" }, { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" }, { "category": "other", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5585", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-5585" }, { "cve": "CVE-2024-6119", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "other", "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "title": "CWE-843" } ], "product_status": { "known_affected": [ "CSAFPID-1673508", "CSAFPID-1673525" ] }, "references": [ { "category": "self", "summary": "CVE-2024-6119", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673508", "CSAFPID-1673525" ] } ], "title": "CVE-2024-6119" }, { "cve": "CVE-2024-6232", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "other", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" } ], "references": [ { "category": "self", "summary": "CVE-2024-6232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json" } ], "title": "CVE-2024-6232" }, { "cve": "CVE-2024-7264", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512" ] }, "references": [ { "category": "self", "summary": "CVE-2024-7264", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512" ] } ], "title": "CVE-2024-7264" }, { "cve": "CVE-2024-7592", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2024-7592", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json" } ], "title": "CVE-2024-7592" }, { "cve": "CVE-2024-21131", "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json" } ], "title": "CVE-2024-21131" }, { "cve": "CVE-2024-21138", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21138", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json" } ], "title": "CVE-2024-21138" }, { "cve": "CVE-2024-21140", "product_status": { "known_affected": [ "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21140", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json" } ], "title": "CVE-2024-21140" }, { "cve": "CVE-2024-21144", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21144", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json" } ], "title": "CVE-2024-21144" }, { "cve": "CVE-2024-21145", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21145", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json" } ], "title": "CVE-2024-21145" }, { "cve": "CVE-2024-21147", "product_status": { "known_affected": [ "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21147", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json" } ], "title": "CVE-2024-21147" }, { "cve": "CVE-2024-21233", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21233", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-21233" }, { "cve": "CVE-2024-21242", "product_status": { "known_affected": [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21242", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445" ] } ], "title": "CVE-2024-21242" }, { "cve": "CVE-2024-21251", "product_status": { "known_affected": [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21251", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452" ] } ], "title": "CVE-2024-21251" }, { "cve": "CVE-2024-21261", "product_status": { "known_affected": [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21261", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-21261" }, { "cve": "CVE-2024-22018", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22018", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-22018" }, { "cve": "CVE-2024-22020", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22020", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-22020" }, { "cve": "CVE-2024-22201", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-22201" }, { "cve": "CVE-2024-23807", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23807", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-23807" }, { "cve": "CVE-2024-23944", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23944", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-23944" }, { "cve": "CVE-2024-24989", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-24989", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json" } ], "title": "CVE-2024-24989" }, { "cve": "CVE-2024-24990", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-24990", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-24990" }, { "cve": "CVE-2024-25710", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-25710", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-25710" }, { "cve": "CVE-2024-26130", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26130", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-26130" }, { "cve": "CVE-2024-26308", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26308", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-26308" }, { "cve": "CVE-2024-27983", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27983", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-27983" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28849", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28849", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-28849" }, { "cve": "CVE-2024-28887", "cwe": { "id": "CWE-427", "name": "Uncontrolled Search Path Element" }, "notes": [ { "category": "other", "text": "Uncontrolled Search Path Element", "title": "CWE-427" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28887", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-28887" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29025", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29025" }, { "cve": "CVE-2024-29131", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29131" }, { "cve": "CVE-2024-29133", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29133", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29133" }, { "cve": "CVE-2024-31079", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Stack-based Buffer Overflow", "title": "CWE-121" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-31079", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-31079" }, { "cve": "CVE-2024-32760", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-32760", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-32760" }, { "cve": "CVE-2024-34161", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "other", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" }, { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34161", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-34161" }, { "cve": "CVE-2024-34750", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "other", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673504", "CSAFPID-1673506" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34750", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673504", "CSAFPID-1673506" ] } ], "title": "CVE-2024-34750" }, { "cve": "CVE-2024-35200", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-35200", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-35200" }, { "cve": "CVE-2024-36137", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" }, { "category": "other", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36137", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-36137" }, { "cve": "CVE-2024-36138", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36138", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json" } ], "title": "CVE-2024-36138" }, { "cve": "CVE-2024-36387", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36387", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-36387" }, { "cve": "CVE-2024-37370", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "other", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" } ], "product_status": { "known_affected": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37370", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] } ], "title": "CVE-2024-37370" }, { "cve": "CVE-2024-37371", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "other", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" } ], "product_status": { "known_affected": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37371", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] } ], "title": "CVE-2024-37371" }, { "cve": "CVE-2024-37372", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37372", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-37372" }, { "cve": "CVE-2024-38356", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38356", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38356" }, { "cve": "CVE-2024-38357", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38357", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38357" }, { "cve": "CVE-2024-38472", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38472", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38472" }, { "cve": "CVE-2024-38473", "cwe": { "id": "CWE-172", "name": "Encoding Error" }, "notes": [ { "category": "other", "text": "Encoding Error", "title": "CWE-172" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38473", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38473" }, { "cve": "CVE-2024-38474", "cwe": { "id": "CWE-172", "name": "Encoding Error" }, "notes": [ { "category": "other", "text": "Encoding Error", "title": "CWE-172" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38474", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38474" }, { "cve": "CVE-2024-38475", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38475", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38475" }, { "cve": "CVE-2024-38476", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38476", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38476" }, { "cve": "CVE-2024-38477", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38477", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38477" }, { "cve": "CVE-2024-38998", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "notes": [ { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38998", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38998" }, { "cve": "CVE-2024-38999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "notes": [ { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38999", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38999" }, { "cve": "CVE-2024-39573", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-39573", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-39573" }, { "cve": "CVE-2024-39884", "cwe": { "id": "CWE-18", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-18", "title": "CWE-18" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-39884", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-39884" }, { "cve": "CVE-2024-40725", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Exposure of Resource to Wrong Sphere", "title": "CWE-668" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40725", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] } ], "title": "CVE-2024-40725" }, { "cve": "CVE-2024-40898", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40898", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] } ], "title": "CVE-2024-40898" }, { "cve": "CVE-2024-45490", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Incorrect Calculation of Buffer Size", "title": "CWE-131" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45490", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45490" }, { "cve": "CVE-2024-45491", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45491", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45491" }, { "cve": "CVE-2024-45492", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45492", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45492" }, { "cve": "CVE-2024-45801", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "other", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" }, { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45801", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-45801" } ] }
ncsc-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" }, { "category": "general", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "general", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "general", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" }, { "category": "general", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "general", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "general", "text": "Inefficient Algorithmic Complexity", "title": "CWE-407" }, { "category": "general", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" }, { "category": "general", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" }, { "category": "general", "text": "Double Free", "title": "CWE-415" }, { "category": "general", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "general", "text": "Uncontrolled Search Path Element", "title": "CWE-427" }, { "category": "general", "text": "Encoding Error", "title": "CWE-172" }, { "category": "general", "text": "Integer Overflow to Buffer Overflow", "title": "CWE-680" }, { "category": "general", "text": "Untrusted Search Path", "title": "CWE-426" }, { "category": "general", "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "title": "CWE-843" }, { "category": "general", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" }, { "category": "general", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "general", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "general", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "general", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" }, { "category": "general", "text": "Authorization Bypass Through User-Controlled Key", "title": "CWE-639" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "CWE-275", "title": "CWE-275" }, { "category": "general", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" }, { "category": "general", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" }, { "category": "general", "text": "NULL Pointer Dereference", "title": "CWE-476" }, { "category": "general", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "general", "text": "Exposure of Resource to Wrong Sphere", "title": "CWE-668" }, { "category": "general", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" }, { "category": "general", "text": "Use of a Broken or Risky Cryptographic Algorithm", "title": "CWE-327" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "general", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" }, { "category": "general", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "general", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "general", "text": "Incorrect Conversion between Numeric Types", "title": "CWE-681" }, { "category": "general", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" }, { "category": "general", "text": "Improper Privilege Management", "title": "CWE-269" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Neutralization of Alternate XSS Syntax", "title": "CWE-87" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" }, { "category": "general", "text": "CWE-18", "title": "CWE-18" }, { "category": "general", "text": "Covert Timing Channel", "title": "CWE-385" }, { "category": "general", "text": "Unchecked Input for Loop Condition", "title": "CWE-606" }, { "category": "general", "text": "Integer Coercion Error", "title": "CWE-192" }, { "category": "general", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "general", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" }, { "category": "general", "text": "Truncation of Security-relevant Information", "title": "CWE-222" }, { "category": "general", "text": "Incorrect Calculation of Buffer Size", "title": "CWE-131" }, { "category": "general", "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "title": "CWE-59" }, { "category": "general", "text": "Missing Critical Step in Authentication", "title": "CWE-304" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", "url": "https://www.oracle.com/security-alerts/cpuoct2024.html" } ], "title": "Kwetsbaarheden verholpen in Oracle Database producten", "tracking": { "current_release_date": "2024-10-17T13:15:19.595269Z", "id": "NCSC-2024-0411", "initial_release_date": "2024-10-17T13:15:19.595269Z", "revision_history": [ { "date": "2024-10-17T13:15:19.595269Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "database_-_grid", "product": { "name": "database_-_grid", "product_id": "CSAFPID-1673504", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_grid", "product": { "name": "database_-_grid", "product_id": "CSAFPID-1673506", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673386", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673385", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673442", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673507", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673509", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673508", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph_mapviewer", "product": { "name": "spatial_and_graph_mapviewer", "product_id": "CSAFPID-912561", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-764250", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673511", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673512", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-816800", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673529", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "fleet_patching_and_provisioning_-_micronaut", "product": { "name": "fleet_patching_and_provisioning_-_micronaut", "product_id": "CSAFPID-1673492", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "fleet_patching_and_provisioning", "product": { "name": "fleet_patching_and_provisioning", "product_id": "CSAFPID-1503603", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673445", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673443", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673444", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673451", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673450", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673452", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-816798", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-816799", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-1673525", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912046", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503299", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816855", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816361", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912045", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503302", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912044", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503306", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816852", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912600", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816853", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912601", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816854", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sqlcl", "product": { "name": "sqlcl", "product_id": "CSAFPID-816801", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sqlcl", "product": { "name": "sqlcl", "product_id": "CSAFPID-1673405", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_administration", "product": { "name": "application_express_administration", "product_id": "CSAFPID-764731", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_customers_plugin", "product": { "name": "application_express_customers_plugin", "product_id": "CSAFPID-764732", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_team_calendar_plugin", "product": { "name": "application_express_team_calendar_plugin", "product_id": "CSAFPID-764733", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-266119", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1673510", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1503575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1673188", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-765238", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-765239", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "blockchain_platform", "product": { "name": "blockchain_platform", "product_id": "CSAFPID-764779", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "blockchain_platform", "product": { "name": "blockchain_platform", "product_id": "CSAFPID-89587", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-765259", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-187448", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-94075", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-220886", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-611394", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-816317", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-912567", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-1503612", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-1673479", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_essbase", "product": { "name": "oracle_essbase", "product_id": "CSAFPID-1650506", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-816845", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1650825", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1673404", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1650831", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data", "product": { "name": "goldengate_big_data", "product_id": "CSAFPID-764274", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-764752", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-1673384", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-220192", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-220193", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-816846", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-611390", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-764803", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_veridata", "product": { "name": "goldengate_veridata", "product_id": "CSAFPID-764275", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-342816", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1650767", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-485902", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503736", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-219912", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503739", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1650765", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503738", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate_stream_analytics", "product": { "name": "oracle_goldengate_stream_analytics", "product_id": "CSAFPID-1650515", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "management_pack_for__goldengate", "product": { "name": "management_pack_for__goldengate", "product_id": "CSAFPID-764861", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "management_pack_for__goldengate", "product": { "name": "management_pack_for__goldengate", "product_id": "CSAFPID-1503640", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate_studio", "product": { "name": "oracle_goldengate_studio", "product_id": "CSAFPID-1650835", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate", "product": { "name": "oracle_goldengate", "product_id": "CSAFPID-1650575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764813", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1503661", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1503663", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673497", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764764", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764765", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673491", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764766", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673495", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764767", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673493", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673489", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673488", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650757", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650758", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650761", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650760", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650759", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_nosql_database", "product": { "name": "oracle_nosql_database", "product_id": "CSAFPID-1650584", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_secure_backup", "product": { "name": "oracle_secure_backup", "product_id": "CSAFPID-1650563", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-667692", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-345049", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-611417", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-1673422", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_sql_developer", "product": { "name": "oracle_sql_developer", "product_id": "CSAFPID-1650638", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-764822", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-220643", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-816870", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-816871", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-1673397", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" }, { "branches": [ { "category": "product_name", "name": "oracle_application_express", "product": { "name": "oracle_application_express", "product_id": "CSAFPID-1673144", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle_corporation" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-220886", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764822", "CSAFPID-1650515", "CSAFPID-1650638", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-89587", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044" ] }, "references": [ { "category": "self", "summary": "CVE-2022-1471", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json" } ], "title": "CVE-2022-1471" }, { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "notes": [ { "category": "other", "text": "Integer Coercion Error", "title": "CWE-192" }, { "category": "other", "text": "Incorrect Conversion between Numeric Types", "title": "CWE-681" } ], "product_status": { "known_affected": [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2022-34169", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2022-34169" }, { "cve": "CVE-2022-36033", "cwe": { "id": "CWE-87", "name": "Improper Neutralization of Alternate XSS Syntax" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Alternate XSS Syntax", "title": "CWE-87" }, { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2022-36033", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2022-36033" }, { "cve": "CVE-2022-37454", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Integer Overflow to Buffer Overflow", "title": "CWE-680" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861" ] }, "references": [ { "category": "self", "summary": "CVE-2022-37454", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861" ] } ], "title": "CVE-2022-37454" }, { "cve": "CVE-2022-38136", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-38136", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json" } ], "title": "CVE-2022-38136" }, { "cve": "CVE-2022-40196", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-40196", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json" } ], "title": "CVE-2022-40196" }, { "cve": "CVE-2022-41342", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-41342", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json" } ], "title": "CVE-2022-41342" }, { "cve": "CVE-2022-42919", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "other", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "other", "text": "Improper Privilege Management", "title": "CWE-269" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2022-42919", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json" } ], "title": "CVE-2022-42919" }, { "cve": "CVE-2022-45061", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Inefficient Algorithmic Complexity", "title": "CWE-407" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2022-45061", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] } ], "title": "CVE-2022-45061" }, { "cve": "CVE-2022-46337", "product_status": { "known_affected": [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692" ] }, "references": [ { "category": "self", "summary": "CVE-2022-46337", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692" ] } ], "title": "CVE-2022-46337" }, { "cve": "CVE-2023-2976", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "notes": [ { "category": "other", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" } ], "product_status": { "known_affected": [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-2976", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-2976" }, { "cve": "CVE-2023-4043", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "other", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4043", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-4043" }, { "cve": "CVE-2023-4759", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "notes": [ { "category": "other", "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "title": "CWE-59" }, { "category": "other", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" } ], "product_status": { "known_affected": [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4759", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-4759" }, { "cve": "CVE-2023-4863", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4863", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json" } ], "title": "CVE-2023-4863" }, { "cve": "CVE-2023-5072", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-5072", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-5072" }, { "cve": "CVE-2023-26031", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "notes": [ { "category": "other", "text": "Untrusted Search Path", "title": "CWE-426" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26031", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-26031" }, { "cve": "CVE-2023-26551", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26551", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json" } ], "scores": [ { "cvss_v3": { "baseScore": 0.0, "baseSeverity": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26551" }, { "cve": "CVE-2023-26552", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26552", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26552" }, { "cve": "CVE-2023-26553", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26553", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26553" }, { "cve": "CVE-2023-26554", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26554", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26554" }, { "cve": "CVE-2023-26555", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26555", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26555" }, { "cve": "CVE-2023-28484", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-28484", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-28484" }, { "cve": "CVE-2023-29469", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Double Free", "title": "CWE-415" } ], "product_status": { "known_affected": [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-29469", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-29469" }, { "cve": "CVE-2023-33201", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-33201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-33201" }, { "cve": "CVE-2023-37920", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "other", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "other", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612" ] }, "references": [ { "category": "self", "summary": "CVE-2023-37920", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612" ] } ], "title": "CVE-2023-37920" }, { "cve": "CVE-2023-39410", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-39410", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-39410" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-44981", "cwe": { "id": "CWE-639", "name": "Authorization Bypass Through User-Controlled Key" }, "notes": [ { "category": "other", "text": "Authorization Bypass Through User-Controlled Key", "title": "CWE-639" } ], "product_status": { "known_affected": [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44981", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601" ] } ], "title": "CVE-2023-44981" }, { "cve": "CVE-2023-45288", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-45288", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-45288" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "other", "text": "Truncation of Security-relevant Information", "title": "CWE-222" } ], "product_status": { "known_affected": [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-48795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2023-49083", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-49083", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-49083" }, { "cve": "CVE-2023-51384", "cwe": { "id": "CWE-304", "name": "Missing Critical Step in Authentication" }, "notes": [ { "category": "other", "text": "Missing Critical Step in Authentication", "title": "CWE-304" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-51384", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-51385", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-51385" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-52425", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-52426", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-1874", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-1874", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-1874" }, { "cve": "CVE-2024-2408", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "other", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "other", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "other", "text": "Use of a Broken or Risky Cryptographic Algorithm", "title": "CWE-327" }, { "category": "other", "text": "Covert Timing Channel", "title": "CWE-385" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2408", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-2408" }, { "cve": "CVE-2024-2511", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2511", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-2511" }, { "cve": "CVE-2024-4577", "cwe": { "id": "CWE-88", "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" }, { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4577", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-4577" }, { "cve": "CVE-2024-4603", "cwe": { "id": "CWE-606", "name": "Unchecked Input for Loop Condition" }, "notes": [ { "category": "other", "text": "Unchecked Input for Loop Condition", "title": "CWE-606" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4603", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-4603" }, { "cve": "CVE-2024-4741", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4741", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-4741" }, { "cve": "CVE-2024-5458", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5458", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-5458" }, { "cve": "CVE-2024-5535", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "product_status": { "known_affected": [ "CSAFPID-1673508", "CSAFPID-1673525" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5535", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673508", "CSAFPID-1673525" ] } ], "title": "CVE-2024-5535" }, { "cve": "CVE-2024-5585", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" }, { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" }, { "category": "other", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5585", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-5585" }, { "cve": "CVE-2024-6119", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "other", "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "title": "CWE-843" } ], "product_status": { "known_affected": [ "CSAFPID-1673508", "CSAFPID-1673525" ] }, "references": [ { "category": "self", "summary": "CVE-2024-6119", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673508", "CSAFPID-1673525" ] } ], "title": "CVE-2024-6119" }, { "cve": "CVE-2024-6232", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "other", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" } ], "references": [ { "category": "self", "summary": "CVE-2024-6232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json" } ], "title": "CVE-2024-6232" }, { "cve": "CVE-2024-7264", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512" ] }, "references": [ { "category": "self", "summary": "CVE-2024-7264", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512" ] } ], "title": "CVE-2024-7264" }, { "cve": "CVE-2024-7592", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2024-7592", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json" } ], "title": "CVE-2024-7592" }, { "cve": "CVE-2024-21131", "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json" } ], "title": "CVE-2024-21131" }, { "cve": "CVE-2024-21138", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21138", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json" } ], "title": "CVE-2024-21138" }, { "cve": "CVE-2024-21140", "product_status": { "known_affected": [ "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21140", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json" } ], "title": "CVE-2024-21140" }, { "cve": "CVE-2024-21144", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21144", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json" } ], "title": "CVE-2024-21144" }, { "cve": "CVE-2024-21145", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21145", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json" } ], "title": "CVE-2024-21145" }, { "cve": "CVE-2024-21147", "product_status": { "known_affected": [ "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21147", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json" } ], "title": "CVE-2024-21147" }, { "cve": "CVE-2024-21233", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21233", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-21233" }, { "cve": "CVE-2024-21242", "product_status": { "known_affected": [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21242", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445" ] } ], "title": "CVE-2024-21242" }, { "cve": "CVE-2024-21251", "product_status": { "known_affected": [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21251", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452" ] } ], "title": "CVE-2024-21251" }, { "cve": "CVE-2024-21261", "product_status": { "known_affected": [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21261", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-21261" }, { "cve": "CVE-2024-22018", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22018", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-22018" }, { "cve": "CVE-2024-22020", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22020", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-22020" }, { "cve": "CVE-2024-22201", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-22201" }, { "cve": "CVE-2024-23807", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23807", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-23807" }, { "cve": "CVE-2024-23944", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23944", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-23944" }, { "cve": "CVE-2024-24989", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-24989", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json" } ], "title": "CVE-2024-24989" }, { "cve": "CVE-2024-24990", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-24990", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-24990" }, { "cve": "CVE-2024-25710", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-25710", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-25710" }, { "cve": "CVE-2024-26130", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26130", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-26130" }, { "cve": "CVE-2024-26308", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26308", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-26308" }, { "cve": "CVE-2024-27983", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27983", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-27983" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28849", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28849", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-28849" }, { "cve": "CVE-2024-28887", "cwe": { "id": "CWE-427", "name": "Uncontrolled Search Path Element" }, "notes": [ { "category": "other", "text": "Uncontrolled Search Path Element", "title": "CWE-427" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28887", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-28887" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29025", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29025" }, { "cve": "CVE-2024-29131", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29131" }, { "cve": "CVE-2024-29133", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29133", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29133" }, { "cve": "CVE-2024-31079", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Stack-based Buffer Overflow", "title": "CWE-121" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-31079", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-31079" }, { "cve": "CVE-2024-32760", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-32760", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-32760" }, { "cve": "CVE-2024-34161", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "other", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" }, { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34161", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-34161" }, { "cve": "CVE-2024-34750", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "other", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673504", "CSAFPID-1673506" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34750", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673504", "CSAFPID-1673506" ] } ], "title": "CVE-2024-34750" }, { "cve": "CVE-2024-35200", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-35200", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-35200" }, { "cve": "CVE-2024-36137", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" }, { "category": "other", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36137", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-36137" }, { "cve": "CVE-2024-36138", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36138", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json" } ], "title": "CVE-2024-36138" }, { "cve": "CVE-2024-36387", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36387", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-36387" }, { "cve": "CVE-2024-37370", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "other", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" } ], "product_status": { "known_affected": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37370", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] } ], "title": "CVE-2024-37370" }, { "cve": "CVE-2024-37371", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "other", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" } ], "product_status": { "known_affected": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37371", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] } ], "title": "CVE-2024-37371" }, { "cve": "CVE-2024-37372", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37372", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-37372" }, { "cve": "CVE-2024-38356", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38356", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38356" }, { "cve": "CVE-2024-38357", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38357", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38357" }, { "cve": "CVE-2024-38472", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38472", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38472" }, { "cve": "CVE-2024-38473", "cwe": { "id": "CWE-172", "name": "Encoding Error" }, "notes": [ { "category": "other", "text": "Encoding Error", "title": "CWE-172" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38473", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38473" }, { "cve": "CVE-2024-38474", "cwe": { "id": "CWE-172", "name": "Encoding Error" }, "notes": [ { "category": "other", "text": "Encoding Error", "title": "CWE-172" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38474", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38474" }, { "cve": "CVE-2024-38475", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38475", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38475" }, { "cve": "CVE-2024-38476", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38476", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38476" }, { "cve": "CVE-2024-38477", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38477", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38477" }, { "cve": "CVE-2024-38998", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "notes": [ { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38998", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38998" }, { "cve": "CVE-2024-38999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "notes": [ { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38999", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38999" }, { "cve": "CVE-2024-39573", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-39573", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-39573" }, { "cve": "CVE-2024-39884", "cwe": { "id": "CWE-18", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-18", "title": "CWE-18" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-39884", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-39884" }, { "cve": "CVE-2024-40725", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Exposure of Resource to Wrong Sphere", "title": "CWE-668" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40725", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] } ], "title": "CVE-2024-40725" }, { "cve": "CVE-2024-40898", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40898", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] } ], "title": "CVE-2024-40898" }, { "cve": "CVE-2024-45490", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Incorrect Calculation of Buffer Size", "title": "CWE-131" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45490", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45490" }, { "cve": "CVE-2024-45491", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45491", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45491" }, { "cve": "CVE-2024-45492", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45492", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45492" }, { "cve": "CVE-2024-45801", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "other", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" }, { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45801", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-45801" } ] }
wid-sec-w-2024-1248
Vulnerability from csaf_certbund
Published
2024-05-28 22:00
Modified
2024-05-28 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden", "title": "Angriff" }, { "category": "general", "text": "- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1248 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1248.json" }, { "category": "self", "summary": "WID-SEC-2024-1248 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1248" }, { "category": "external", "summary": "Xerox Security Bulletin XRX24-010 vom 2024-05-28", "url": "https://security.business.xerox.com/wp-content/uploads/2024/05/Xerox-Security-Bulletin-XRX24-010-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf" } ], "source_lang": "en-US", "title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-05-28T22:00:00.000+00:00", "generator": { "date": "2024-05-29T10:05:59.154+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1248", "initial_release_date": "2024-05-28T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-28T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "v7", "product": { "name": "Xerox FreeFlow Print Server v7", "product_id": "T035098", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v7" } } } ], "category": "product_name", "name": "FreeFlow Print Server" } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-10401", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2014-10401" }, { "cve": "CVE-2014-10402", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2014-10402" }, { "cve": "CVE-2020-22218", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2020-22218" }, { "cve": "CVE-2020-27545", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2020-27545" }, { "cve": "CVE-2020-28162", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2020-28162" }, { "cve": "CVE-2020-28163", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2020-28163" }, { "cve": "CVE-2022-22817", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-22817" }, { "cve": "CVE-2022-32200", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-32200" }, { "cve": "CVE-2022-34299", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-34299" }, { "cve": "CVE-2022-39170", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-39170" }, { "cve": "CVE-2022-40982", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-40982" }, { "cve": "CVE-2022-46285", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-46285" }, { "cve": "CVE-2022-46344", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-46344" }, { "cve": "CVE-2023-22053", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-22053" }, { "cve": "CVE-2023-27371", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-27371" }, { "cve": "CVE-2023-34872", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-34872" }, { "cve": "CVE-2023-38408", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-38408" }, { "cve": "CVE-2023-38709", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-38709" }, { "cve": "CVE-2023-39326", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-39326" }, { "cve": "CVE-2023-39615", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-39615" }, { "cve": "CVE-2023-40305", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-40305" }, { "cve": "CVE-2023-40745", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-40745" }, { "cve": "CVE-2023-41175", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-41175" }, { "cve": "CVE-2023-43785", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43785" }, { "cve": "CVE-2023-43786", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43786" }, { "cve": "CVE-2023-43787", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43787" }, { "cve": "CVE-2023-43788", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43788" }, { "cve": "CVE-2023-43789", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43789" }, { "cve": "CVE-2023-4408", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-4408" }, { "cve": "CVE-2023-44487", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45285", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-45285" }, { "cve": "CVE-2023-46589", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46589" }, { "cve": "CVE-2023-46728", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46728" }, { "cve": "CVE-2023-4675", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-4675" }, { "cve": "CVE-2023-46751", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46751" }, { "cve": "CVE-2023-46809", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46809" }, { "cve": "CVE-2023-46846", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46846" }, { "cve": "CVE-2023-46847", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46847" }, { "cve": "CVE-2023-46848", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46848" }, { "cve": "CVE-2023-47038", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-47038" }, { "cve": "CVE-2023-47100", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-47100" }, { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-48795" }, { "cve": "CVE-2023-49285", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49285" }, { "cve": "CVE-2023-49286", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49286" }, { "cve": "CVE-2023-49288", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49288" }, { "cve": "CVE-2023-49990", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49990" }, { "cve": "CVE-2023-49991", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49991" }, { "cve": "CVE-2023-49992", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49992" }, { "cve": "CVE-2023-49993", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49993" }, { "cve": "CVE-2023-49994", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49994" }, { "cve": "CVE-2023-50387", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50387" }, { "cve": "CVE-2023-50447", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50447" }, { "cve": "CVE-2023-50761", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50761" }, { "cve": "CVE-2023-50762", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50762" }, { "cve": "CVE-2023-50868", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50868" }, { "cve": "CVE-2023-51384", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-51385" }, { "cve": "CVE-2023-51713", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-51713" }, { "cve": "CVE-2023-51765", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-51765" }, { "cve": "CVE-2023-52355", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-52355" }, { "cve": "CVE-2023-52356", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-52356" }, { "cve": "CVE-2023-5363", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5363" }, { "cve": "CVE-2023-5367", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5367" }, { "cve": "CVE-2023-5371", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5371" }, { "cve": "CVE-2023-5380", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5380" }, { "cve": "CVE-2023-5388", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5388" }, { "cve": "CVE-2023-5517", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5517" }, { "cve": "CVE-2023-5574", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5574" }, { "cve": "CVE-2023-5679", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5679" }, { "cve": "CVE-2023-5764", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5764" }, { "cve": "CVE-2023-5824", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5824" }, { "cve": "CVE-2023-6174", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6174" }, { "cve": "CVE-2023-6175", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6175" }, { "cve": "CVE-2023-6377", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6377" }, { "cve": "CVE-2023-6478", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6478" }, { "cve": "CVE-2023-6516", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6516" }, { "cve": "CVE-2023-6856", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6856" }, { "cve": "CVE-2023-6857", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6857" }, { "cve": "CVE-2023-6858", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6858" }, { "cve": "CVE-2023-6859", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6859" }, { "cve": "CVE-2023-6860", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6860" }, { "cve": "CVE-2023-6861", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6861" }, { "cve": "CVE-2023-6862", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6862" }, { "cve": "CVE-2023-6863", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6863" }, { "cve": "CVE-2023-6864", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6864" }, { "cve": "CVE-2023-6865", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6865" }, { "cve": "CVE-2023-6867", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6867" }, { "cve": "CVE-2024-0207", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0207" }, { "cve": "CVE-2024-0208", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0208" }, { "cve": "CVE-2024-0209", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0209" }, { "cve": "CVE-2024-0210", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0210" }, { "cve": "CVE-2024-0211", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0211" }, { "cve": "CVE-2024-0727", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0727" }, { "cve": "CVE-2024-0741", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0741" }, { "cve": "CVE-2024-0742", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0742" }, { "cve": "CVE-2024-0743", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0743" }, { "cve": "CVE-2024-0746", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0746" }, { "cve": "CVE-2024-0747", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0747" }, { "cve": "CVE-2024-0749", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0749" }, { "cve": "CVE-2024-0750", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0750" }, { "cve": "CVE-2024-0751", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0751" }, { "cve": "CVE-2024-0753", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0753" }, { "cve": "CVE-2024-0755", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0755" }, { "cve": "CVE-2024-1546", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1546" }, { "cve": "CVE-2024-1547", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1547" }, { "cve": "CVE-2024-1548", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1548" }, { "cve": "CVE-2024-1549", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1549" }, { "cve": "CVE-2024-1550", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1550" }, { "cve": "CVE-2024-1551", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1551" }, { "cve": "CVE-2024-1552", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1552" }, { "cve": "CVE-2024-1553", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1553" }, { "cve": "CVE-2024-20999", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-20999" }, { "cve": "CVE-2024-21011", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21011" }, { "cve": "CVE-2024-21059", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21059" }, { "cve": "CVE-2024-21068", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21068" }, { "cve": "CVE-2024-21085", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21085" }, { "cve": "CVE-2024-21094", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21094" }, { "cve": "CVE-2024-21105", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21105" }, { "cve": "CVE-2024-21890", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21890" }, { "cve": "CVE-2024-21891", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21891" }, { "cve": "CVE-2024-21896", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21896" }, { "cve": "CVE-2024-22019", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-22019" }, { "cve": "CVE-2024-22195", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-22195" }, { "cve": "CVE-2024-24680", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-24680" }, { "cve": "CVE-2024-24795", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-24795" }, { "cve": "CVE-2024-24806", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-24806" }, { "cve": "CVE-2024-25617", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-25617" }, { "cve": "CVE-2024-2605", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2605" }, { "cve": "CVE-2024-2607", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2607" }, { "cve": "CVE-2024-2608", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2608" }, { "cve": "CVE-2024-2610", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2610" }, { "cve": "CVE-2024-2611", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2611" }, { "cve": "CVE-2024-2612", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2612" }, { "cve": "CVE-2024-2614", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2614" }, { "cve": "CVE-2024-2616", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2616" }, { "cve": "CVE-2024-27316", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-27316" } ] }
WID-SEC-W-2024-1082
Vulnerability from csaf_certbund
Published
2024-05-09 22:00
Modified
2024-05-09 22:00
Summary
Juniper JUNOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS im Zusammenhang mit OpenSSH ausnutzen, um Sicherheitsmaßnahmen zu umgehen, beliebigen Code auszuführen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- Juniper Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS im Zusammenhang mit OpenSSH ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren.", "title": "Angriff" }, { "category": "general", "text": "- Juniper Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1082 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1082.json" }, { "category": "self", "summary": "WID-SEC-2024-1082 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1082" }, { "category": "external", "summary": "Juniper Security Advisory vom 2024-05-09", "url": "https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH" } ], "source_lang": "en-US", "title": "Juniper JUNOS: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-05-09T22:00:00.000+00:00", "generator": { "date": "2024-05-10T10:02:55.006+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1082", "initial_release_date": "2024-05-09T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-09T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003e=19.4R1", "product": { "name": "Juniper JUNOS \u003e=19.4R1", "product_id": "T034677", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:19.4r1" } } }, { "category": "product_version_range", "name": "Evolved \u003e=22.3R1", "product": { "name": "Juniper JUNOS Evolved \u003e=22.3R1", "product_id": "T034678", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:evolved__22.3r1" } } } ], "category": "product_name", "name": "JUNOS" } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-20012", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2016-20012" }, { "cve": "CVE-2017-15906", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2017-15906" }, { "cve": "CVE-2018-15473", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2018-15473" }, { "cve": "CVE-2018-15919", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2018-15919" }, { "cve": "CVE-2018-20685", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2018-20685" }, { "cve": "CVE-2019-6109", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2019-6109" }, { "cve": "CVE-2019-6110", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2019-6110" }, { "cve": "CVE-2019-6111", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2019-6111" }, { "cve": "CVE-2020-12062", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2020-12062" }, { "cve": "CVE-2020-14145", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2020-14145" }, { "cve": "CVE-2020-15778", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2020-15778" }, { "cve": "CVE-2021-28041", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2021-28041" }, { "cve": "CVE-2021-36368", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2021-36368" }, { "cve": "CVE-2021-41617", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2021-41617" }, { "cve": "CVE-2023-28531", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-28531" }, { "cve": "CVE-2023-38408", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-38408" }, { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-48795" }, { "cve": "CVE-2023-51384", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-51385" } ] }
wid-sec-w-2023-3182
Vulnerability from csaf_certbund
Published
2023-12-19 23:00
Modified
2024-07-23 22:00
Summary
OpenSSH: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.
Angriff
Ein Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um Informationen offenzulegen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-3182 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3182.json" }, { "category": "self", "summary": "WID-SEC-2023-3182 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3182" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:0606 vom 2024-02-12", "url": "https://errata.build.resf.org/RLSA-2024:0606" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0604-1 vom 2024-02-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018001.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0603-1 vom 2024-02-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018002.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0429 vom 2024-01-25", "url": "https://access.redhat.com/errata/RHSA-2024:0429" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0455 vom 2024-01-25", "url": "https://access.redhat.com/errata/RHSA-2024:0455" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1130 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1130" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12164 vom 2024-02-15", "url": "https://linux.oracle.com/errata/ELSA-2024-12164.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0606 vom 2024-01-30", "url": "https://access.redhat.com/errata/RHSA-2024:0606" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0594 vom 2024-01-30", "url": "https://access.redhat.com/errata/RHSA-2024:0594" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6560-2 vom 2024-01-11", "url": "https://ubuntu.com/security/notices/USN-6560-2" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-0606 vom 2024-02-01", "url": "https://linux.oracle.com/errata/ELSA-2024-0606.html" }, { "category": "external", "summary": "IBM Security Bulletin 7125640 vom 2024-02-28", "url": "https://www.ibm.com/support/pages/node/7125640" }, { "category": "external", "summary": "RedHat Bugzilla vom 2023-12-19", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255268" }, { "category": "external", "summary": "RedHat Bugzilla vom 2023-12-19", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "external", "summary": "OpenSSH Release Notes vom 2023-12-19", "url": "https://www.openssh.com/txt/release-9.6" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-1130 vom 2024-03-06", "url": "https://linux.oracle.com/errata/ELSA-2024-1130.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5586 vom 2023-12-22", "url": "https://lists.debian.org/debian-security-announce/2023/msg00283.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3694 vom 2023-12-26", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202312-17 vom 2023-12-28", "url": "https://security.gentoo.org/glsa/202312-17" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6565-1 vom 2024-01-03", "url": "https://ubuntu.com/security/notices/USN-6565-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0596-1 vom 2024-02-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017998.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1433 vom 2024-03-20", "url": "https://access.redhat.com/errata/RHSA-2024:1433" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1383 vom 2024-03-19", "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "external", "summary": "IBM Security Bulletin 7144861 vom 2024-03-20", "url": "https://www.ibm.com/support/pages/node/7144861" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2024-2507 vom 2024-04-01", "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2507.html" }, { "category": "external", "summary": "IBM Security Bulletin 7148094 vom 2024-04-11", "url": "https://www.ibm.com/support/pages/node/7148094" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08", "url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-=" }, { "category": "external", "summary": "HPE Security Bulletin", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesb3p04641en_us" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2393-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018919.html" }, { "category": "external", "summary": "IBM Security Bulletin 7160492 vom 2024-07-17", "url": "https://www.ibm.com/support/pages/node/7160492" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-239 vom 2024-07-18", "url": "https://www.dell.com/support/kbdoc/de-de/000227051/dsa-2024-239-security-update-dell-ecs-3-8-1-1-for-multiple-security-vulnerabilities" }, { "category": "external", "summary": "HPE Security Bulletin vom 2024-07-23", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04673en_us\u0026docLocale=en_US" } ], "source_lang": "en-US", "title": "OpenSSH: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen", "tracking": { "current_release_date": "2024-07-23T22:00:00.000+00:00", "generator": { "date": "2024-07-24T09:10:20.466+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-3182", "initial_release_date": "2023-12-19T23:00:00.000+00:00", "revision_history": [ { "date": "2023-12-19T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-12-26T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2023-12-27T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Gentoo aufgenommen" }, { "date": "2024-01-03T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-01-11T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-01-25T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-30T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-01T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-02-12T23:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen" }, { "date": "2024-02-14T23:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-02-22T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-25T23:00:00.000+00:00", "number": "12", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-28T23:00:00.000+00:00", "number": "13", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-03-05T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-03-06T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-03-19T23:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-03-20T23:00:00.000+00:00", "number": "17", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-04-01T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2024-04-11T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-05-07T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-06-02T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von HP aufgenommen" }, { "date": "2024-07-10T22:00:00.000+00:00", "number": "22", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-17T22:00:00.000+00:00", "number": "23", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-07-18T22:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-07-23T22:00:00.000+00:00", "number": "25", "summary": "Neue Updates von HP aufgenommen" } ], "status": "final", "version": "25" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Aruba EdgeConnect", "product": { "name": "Aruba EdgeConnect", "product_id": "T027755", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:-" } } }, { "category": "product_name", "name": "Aruba Switch", "product": { "name": "Aruba Switch", "product_id": "T033685", "product_identification_helper": { "cpe": "cpe:/h:arubanetworks:switch:-" } } } ], "category": "vendor", "name": "Aruba" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c3.8.1.1", "product": { "name": "Dell ECS \u003c3.8.1.1", "product_id": "T036366", "product_identification_helper": { "cpe": "cpe:/h:dell:ecs:3.8.1.1" } } } ], "category": "product_name", "name": "ECS" }, { "branches": [ { "category": "product_version", "name": "virtual", "product": { "name": "Dell NetWorker virtual", "product_id": "T034583", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:virtual" } } } ], "category": "product_name", "name": "NetWorker" } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "EMC Avamar", "product": { "name": "EMC Avamar", "product_id": "T014381", "product_identification_helper": { "cpe": "cpe:/a:emc:avamar:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "7.3", "product": { "name": "IBM AIX 7.3", "product_id": "1139691", "product_identification_helper": { "cpe": "cpe:/o:ibm:aix:7.3" } } }, { "category": "product_version", "name": "7.2", "product": { "name": "IBM AIX 7.2", "product_id": "434967", "product_identification_helper": { "cpe": "cpe:/o:ibm:aix:7.2" } } } ], "category": "product_name", "name": "AIX" }, { "branches": [ { "category": "product_version", "name": "7.5", "product": { "name": "IBM QRadar SIEM 7.5", "product_id": "T022954", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5" } } } ], "category": "product_name", "name": "QRadar SIEM" }, { "branches": [ { "category": "product_version", "name": "12", "product": { "name": "IBM Security Guardium 12.0", "product_id": "T031092", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_guardium:12.0" } } } ], "category": "product_name", "name": "Security Guardium" }, { "branches": [ { "category": "product_version", "name": "Plus 10.1", "product": { "name": "IBM Spectrum Protect Plus 10.1", "product_id": "T015895", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1" } } } ], "category": "product_name", "name": "Spectrum Protect" }, { "branches": [ { "category": "product_version", "name": "3.1", "product": { "name": "IBM VIOS 3.1", "product_id": "1039165", "product_identification_helper": { "cpe": "cpe:/a:ibm:vios:3.1" } } }, { "category": "product_version", "name": "4.1", "product": { "name": "IBM VIOS 4.1", "product_id": "1522854", "product_identification_helper": { "cpe": "cpe:/a:ibm:vios:4.1" } } } ], "category": "product_name", "name": "VIOS" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c9.6", "product": { "name": "Open Source OpenSSH \u003c9.6", "product_id": "T031748", "product_identification_helper": { "cpe": "cpe:/a:openbsd:openssh:9.6" } } } ], "category": "product_name", "name": "OpenSSH" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "RESF Rocky Linux", "product": { "name": "RESF Rocky Linux", "product_id": "T032255", "product_identification_helper": { "cpe": "cpe:/o:resf:rocky_linux:-" } } } ], "category": "vendor", "name": "RESF" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-51384", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in OpenSSH. Wenn beim Hinzuf\u00fcgen von PKCS#11-gehosteten privaten Schl\u00fcsseln Zielbeschr\u00e4nkungen angegeben werden, gelten die Beschr\u00e4nkungen nur f\u00fcr den ersten Schl\u00fcssel, selbst in F\u00e4llen, in denen das Token mehrere Schl\u00fcssel liefert. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "434967", "1039165", "T034583", "T036366", "1522854", "T012167", "T015895", "T004914", "T032255", "T033685", "T022954", "1139691", "T014381", "2951", "T002207", "T000126", "T031092", "T027755", "398363" ] }, "release_date": "2023-12-19T23:00:00Z", "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in OpenSSH. Dieses Problem besteht bei der Verwendung von Expansions-Token (z.B. %u, %h) mit Benutzernamen oder Hostnamen, die die Shell-Metazeichen enthalten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen." } ], "product_status": { "known_affected": [ "67646", "434967", "1039165", "T034583", "T036366", "1522854", "T012167", "T015895", "T004914", "T032255", "T033685", "T022954", "1139691", "T014381", "2951", "T002207", "T000126", "T031092", "T027755", "398363" ] }, "release_date": "2023-12-19T23:00:00Z", "title": "CVE-2023-51385" } ] }
WID-SEC-W-2024-1248
Vulnerability from csaf_certbund
Published
2024-05-28 22:00
Modified
2024-05-28 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden", "title": "Angriff" }, { "category": "general", "text": "- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1248 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1248.json" }, { "category": "self", "summary": "WID-SEC-2024-1248 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1248" }, { "category": "external", "summary": "Xerox Security Bulletin XRX24-010 vom 2024-05-28", "url": "https://security.business.xerox.com/wp-content/uploads/2024/05/Xerox-Security-Bulletin-XRX24-010-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf" } ], "source_lang": "en-US", "title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-05-28T22:00:00.000+00:00", "generator": { "date": "2024-05-29T10:05:59.154+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1248", "initial_release_date": "2024-05-28T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-28T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "v7", "product": { "name": "Xerox FreeFlow Print Server v7", "product_id": "T035098", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v7" } } } ], "category": "product_name", "name": "FreeFlow Print Server" } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-10401", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2014-10401" }, { "cve": "CVE-2014-10402", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2014-10402" }, { "cve": "CVE-2020-22218", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2020-22218" }, { "cve": "CVE-2020-27545", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2020-27545" }, { "cve": "CVE-2020-28162", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2020-28162" }, { "cve": "CVE-2020-28163", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2020-28163" }, { "cve": "CVE-2022-22817", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-22817" }, { "cve": "CVE-2022-32200", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-32200" }, { "cve": "CVE-2022-34299", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-34299" }, { "cve": "CVE-2022-39170", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-39170" }, { "cve": "CVE-2022-40982", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-40982" }, { "cve": "CVE-2022-46285", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-46285" }, { "cve": "CVE-2022-46344", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2022-46344" }, { "cve": "CVE-2023-22053", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-22053" }, { "cve": "CVE-2023-27371", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-27371" }, { "cve": "CVE-2023-34872", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-34872" }, { "cve": "CVE-2023-38408", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-38408" }, { "cve": "CVE-2023-38709", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-38709" }, { "cve": "CVE-2023-39326", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-39326" }, { "cve": "CVE-2023-39615", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-39615" }, { "cve": "CVE-2023-40305", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-40305" }, { "cve": "CVE-2023-40745", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-40745" }, { "cve": "CVE-2023-41175", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-41175" }, { "cve": "CVE-2023-43785", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43785" }, { "cve": "CVE-2023-43786", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43786" }, { "cve": "CVE-2023-43787", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43787" }, { "cve": "CVE-2023-43788", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43788" }, { "cve": "CVE-2023-43789", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-43789" }, { "cve": "CVE-2023-4408", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-4408" }, { "cve": "CVE-2023-44487", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45285", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-45285" }, { "cve": "CVE-2023-46589", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46589" }, { "cve": "CVE-2023-46728", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46728" }, { "cve": "CVE-2023-4675", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-4675" }, { "cve": "CVE-2023-46751", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46751" }, { "cve": "CVE-2023-46809", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46809" }, { "cve": "CVE-2023-46846", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46846" }, { "cve": "CVE-2023-46847", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46847" }, { "cve": "CVE-2023-46848", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-46848" }, { "cve": "CVE-2023-47038", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-47038" }, { "cve": "CVE-2023-47100", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-47100" }, { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-48795" }, { "cve": "CVE-2023-49285", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49285" }, { "cve": "CVE-2023-49286", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49286" }, { "cve": "CVE-2023-49288", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49288" }, { "cve": "CVE-2023-49990", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49990" }, { "cve": "CVE-2023-49991", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49991" }, { "cve": "CVE-2023-49992", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49992" }, { "cve": "CVE-2023-49993", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49993" }, { "cve": "CVE-2023-49994", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-49994" }, { "cve": "CVE-2023-50387", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50387" }, { "cve": "CVE-2023-50447", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50447" }, { "cve": "CVE-2023-50761", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50761" }, { "cve": "CVE-2023-50762", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50762" }, { "cve": "CVE-2023-50868", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-50868" }, { "cve": "CVE-2023-51384", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-51385" }, { "cve": "CVE-2023-51713", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-51713" }, { "cve": "CVE-2023-51765", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-51765" }, { "cve": "CVE-2023-52355", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-52355" }, { "cve": "CVE-2023-52356", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-52356" }, { "cve": "CVE-2023-5363", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5363" }, { "cve": "CVE-2023-5367", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5367" }, { "cve": "CVE-2023-5371", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5371" }, { "cve": "CVE-2023-5380", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5380" }, { "cve": "CVE-2023-5388", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5388" }, { "cve": "CVE-2023-5517", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5517" }, { "cve": "CVE-2023-5574", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5574" }, { "cve": "CVE-2023-5679", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5679" }, { "cve": "CVE-2023-5764", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5764" }, { "cve": "CVE-2023-5824", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-5824" }, { "cve": "CVE-2023-6174", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6174" }, { "cve": "CVE-2023-6175", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6175" }, { "cve": "CVE-2023-6377", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6377" }, { "cve": "CVE-2023-6478", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6478" }, { "cve": "CVE-2023-6516", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6516" }, { "cve": "CVE-2023-6856", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6856" }, { "cve": "CVE-2023-6857", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6857" }, { "cve": "CVE-2023-6858", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6858" }, { "cve": "CVE-2023-6859", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6859" }, { "cve": "CVE-2023-6860", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6860" }, { "cve": "CVE-2023-6861", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6861" }, { "cve": "CVE-2023-6862", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6862" }, { "cve": "CVE-2023-6863", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6863" }, { "cve": "CVE-2023-6864", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6864" }, { "cve": "CVE-2023-6865", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6865" }, { "cve": "CVE-2023-6867", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2023-6867" }, { "cve": "CVE-2024-0207", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0207" }, { "cve": "CVE-2024-0208", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0208" }, { "cve": "CVE-2024-0209", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0209" }, { "cve": "CVE-2024-0210", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0210" }, { "cve": "CVE-2024-0211", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0211" }, { "cve": "CVE-2024-0727", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0727" }, { "cve": "CVE-2024-0741", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0741" }, { "cve": "CVE-2024-0742", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0742" }, { "cve": "CVE-2024-0743", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0743" }, { "cve": "CVE-2024-0746", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0746" }, { "cve": "CVE-2024-0747", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0747" }, { "cve": "CVE-2024-0749", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0749" }, { "cve": "CVE-2024-0750", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0750" }, { "cve": "CVE-2024-0751", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0751" }, { "cve": "CVE-2024-0753", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0753" }, { "cve": "CVE-2024-0755", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-0755" }, { "cve": "CVE-2024-1546", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1546" }, { "cve": "CVE-2024-1547", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1547" }, { "cve": "CVE-2024-1548", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1548" }, { "cve": "CVE-2024-1549", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1549" }, { "cve": "CVE-2024-1550", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1550" }, { "cve": "CVE-2024-1551", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1551" }, { "cve": "CVE-2024-1552", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1552" }, { "cve": "CVE-2024-1553", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-1553" }, { "cve": "CVE-2024-20999", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-20999" }, { "cve": "CVE-2024-21011", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21011" }, { "cve": "CVE-2024-21059", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21059" }, { "cve": "CVE-2024-21068", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21068" }, { "cve": "CVE-2024-21085", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21085" }, { "cve": "CVE-2024-21094", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21094" }, { "cve": "CVE-2024-21105", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21105" }, { "cve": "CVE-2024-21890", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21890" }, { "cve": "CVE-2024-21891", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21891" }, { "cve": "CVE-2024-21896", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-21896" }, { "cve": "CVE-2024-22019", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-22019" }, { "cve": "CVE-2024-22195", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-22195" }, { "cve": "CVE-2024-24680", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-24680" }, { "cve": "CVE-2024-24795", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-24795" }, { "cve": "CVE-2024-24806", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-24806" }, { "cve": "CVE-2024-25617", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-25617" }, { "cve": "CVE-2024-2605", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2605" }, { "cve": "CVE-2024-2607", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2607" }, { "cve": "CVE-2024-2608", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2608" }, { "cve": "CVE-2024-2610", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2610" }, { "cve": "CVE-2024-2611", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2611" }, { "cve": "CVE-2024-2612", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2612" }, { "cve": "CVE-2024-2614", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2614" }, { "cve": "CVE-2024-2616", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-2616" }, { "cve": "CVE-2024-27316", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T035098" ] }, "release_date": "2024-05-28T22:00:00Z", "title": "CVE-2024-27316" } ] }
WID-SEC-W-2023-3182
Vulnerability from csaf_certbund
Published
2023-12-19 23:00
Modified
2024-07-23 22:00
Summary
OpenSSH: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.
Angriff
Ein Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um Informationen offenzulegen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-3182 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3182.json" }, { "category": "self", "summary": "WID-SEC-2023-3182 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3182" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:0606 vom 2024-02-12", "url": "https://errata.build.resf.org/RLSA-2024:0606" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0604-1 vom 2024-02-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018001.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0603-1 vom 2024-02-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018002.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0429 vom 2024-01-25", "url": "https://access.redhat.com/errata/RHSA-2024:0429" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0455 vom 2024-01-25", "url": "https://access.redhat.com/errata/RHSA-2024:0455" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1130 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1130" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12164 vom 2024-02-15", "url": "https://linux.oracle.com/errata/ELSA-2024-12164.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0606 vom 2024-01-30", "url": "https://access.redhat.com/errata/RHSA-2024:0606" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0594 vom 2024-01-30", "url": "https://access.redhat.com/errata/RHSA-2024:0594" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6560-2 vom 2024-01-11", "url": "https://ubuntu.com/security/notices/USN-6560-2" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-0606 vom 2024-02-01", "url": "https://linux.oracle.com/errata/ELSA-2024-0606.html" }, { "category": "external", "summary": "IBM Security Bulletin 7125640 vom 2024-02-28", "url": "https://www.ibm.com/support/pages/node/7125640" }, { "category": "external", "summary": "RedHat Bugzilla vom 2023-12-19", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255268" }, { "category": "external", "summary": "RedHat Bugzilla vom 2023-12-19", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271" }, { "category": "external", "summary": "OpenSSH Release Notes vom 2023-12-19", "url": "https://www.openssh.com/txt/release-9.6" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-1130 vom 2024-03-06", "url": "https://linux.oracle.com/errata/ELSA-2024-1130.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5586 vom 2023-12-22", "url": "https://lists.debian.org/debian-security-announce/2023/msg00283.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3694 vom 2023-12-26", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202312-17 vom 2023-12-28", "url": "https://security.gentoo.org/glsa/202312-17" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6565-1 vom 2024-01-03", "url": "https://ubuntu.com/security/notices/USN-6565-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0596-1 vom 2024-02-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017998.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1433 vom 2024-03-20", "url": "https://access.redhat.com/errata/RHSA-2024:1433" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1383 vom 2024-03-19", "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "external", "summary": "IBM Security Bulletin 7144861 vom 2024-03-20", "url": "https://www.ibm.com/support/pages/node/7144861" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2024-2507 vom 2024-04-01", "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2507.html" }, { "category": "external", "summary": "IBM Security Bulletin 7148094 vom 2024-04-11", "url": "https://www.ibm.com/support/pages/node/7148094" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08", "url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-=" }, { "category": "external", "summary": "HPE Security Bulletin", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesb3p04641en_us" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2393-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018919.html" }, { "category": "external", "summary": "IBM Security Bulletin 7160492 vom 2024-07-17", "url": "https://www.ibm.com/support/pages/node/7160492" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-239 vom 2024-07-18", "url": "https://www.dell.com/support/kbdoc/de-de/000227051/dsa-2024-239-security-update-dell-ecs-3-8-1-1-for-multiple-security-vulnerabilities" }, { "category": "external", "summary": "HPE Security Bulletin vom 2024-07-23", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04673en_us\u0026docLocale=en_US" } ], "source_lang": "en-US", "title": "OpenSSH: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen", "tracking": { "current_release_date": "2024-07-23T22:00:00.000+00:00", "generator": { "date": "2024-07-24T09:10:20.466+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-3182", "initial_release_date": "2023-12-19T23:00:00.000+00:00", "revision_history": [ { "date": "2023-12-19T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-12-26T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2023-12-27T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Gentoo aufgenommen" }, { "date": "2024-01-03T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-01-11T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-01-25T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-30T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-01T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-02-12T23:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen" }, { "date": "2024-02-14T23:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-02-22T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-25T23:00:00.000+00:00", "number": "12", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-28T23:00:00.000+00:00", "number": "13", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-03-05T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-03-06T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-03-19T23:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-03-20T23:00:00.000+00:00", "number": "17", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-04-01T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2024-04-11T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-05-07T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-06-02T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von HP aufgenommen" }, { "date": "2024-07-10T22:00:00.000+00:00", "number": "22", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-17T22:00:00.000+00:00", "number": "23", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-07-18T22:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-07-23T22:00:00.000+00:00", "number": "25", "summary": "Neue Updates von HP aufgenommen" } ], "status": "final", "version": "25" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Aruba EdgeConnect", "product": { "name": "Aruba EdgeConnect", "product_id": "T027755", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:-" } } }, { "category": "product_name", "name": "Aruba Switch", "product": { "name": "Aruba Switch", "product_id": "T033685", "product_identification_helper": { "cpe": "cpe:/h:arubanetworks:switch:-" } } } ], "category": "vendor", "name": "Aruba" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c3.8.1.1", "product": { "name": "Dell ECS \u003c3.8.1.1", "product_id": "T036366", "product_identification_helper": { "cpe": "cpe:/h:dell:ecs:3.8.1.1" } } } ], "category": "product_name", "name": "ECS" }, { "branches": [ { "category": "product_version", "name": "virtual", "product": { "name": "Dell NetWorker virtual", "product_id": "T034583", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:virtual" } } } ], "category": "product_name", "name": "NetWorker" } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "EMC Avamar", "product": { "name": "EMC Avamar", "product_id": "T014381", "product_identification_helper": { "cpe": "cpe:/a:emc:avamar:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "7.3", "product": { "name": "IBM AIX 7.3", "product_id": "1139691", "product_identification_helper": { "cpe": "cpe:/o:ibm:aix:7.3" } } }, { "category": "product_version", "name": "7.2", "product": { "name": "IBM AIX 7.2", "product_id": "434967", "product_identification_helper": { "cpe": "cpe:/o:ibm:aix:7.2" } } } ], "category": "product_name", "name": "AIX" }, { "branches": [ { "category": "product_version", "name": "7.5", "product": { "name": "IBM QRadar SIEM 7.5", "product_id": "T022954", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5" } } } ], "category": "product_name", "name": "QRadar SIEM" }, { "branches": [ { "category": "product_version", "name": "12", "product": { "name": "IBM Security Guardium 12.0", "product_id": "T031092", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_guardium:12.0" } } } ], "category": "product_name", "name": "Security Guardium" }, { "branches": [ { "category": "product_version", "name": "Plus 10.1", "product": { "name": "IBM Spectrum Protect Plus 10.1", "product_id": "T015895", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1" } } } ], "category": "product_name", "name": "Spectrum Protect" }, { "branches": [ { "category": "product_version", "name": "3.1", "product": { "name": "IBM VIOS 3.1", "product_id": "1039165", "product_identification_helper": { "cpe": "cpe:/a:ibm:vios:3.1" } } }, { "category": "product_version", "name": "4.1", "product": { "name": "IBM VIOS 4.1", "product_id": "1522854", "product_identification_helper": { "cpe": "cpe:/a:ibm:vios:4.1" } } } ], "category": "product_name", "name": "VIOS" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c9.6", "product": { "name": "Open Source OpenSSH \u003c9.6", "product_id": "T031748", "product_identification_helper": { "cpe": "cpe:/a:openbsd:openssh:9.6" } } } ], "category": "product_name", "name": "OpenSSH" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "RESF Rocky Linux", "product": { "name": "RESF Rocky Linux", "product_id": "T032255", "product_identification_helper": { "cpe": "cpe:/o:resf:rocky_linux:-" } } } ], "category": "vendor", "name": "RESF" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-51384", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in OpenSSH. Wenn beim Hinzuf\u00fcgen von PKCS#11-gehosteten privaten Schl\u00fcsseln Zielbeschr\u00e4nkungen angegeben werden, gelten die Beschr\u00e4nkungen nur f\u00fcr den ersten Schl\u00fcssel, selbst in F\u00e4llen, in denen das Token mehrere Schl\u00fcssel liefert. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "434967", "1039165", "T034583", "T036366", "1522854", "T012167", "T015895", "T004914", "T032255", "T033685", "T022954", "1139691", "T014381", "2951", "T002207", "T000126", "T031092", "T027755", "398363" ] }, "release_date": "2023-12-19T23:00:00Z", "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in OpenSSH. Dieses Problem besteht bei der Verwendung von Expansions-Token (z.B. %u, %h) mit Benutzernamen oder Hostnamen, die die Shell-Metazeichen enthalten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen." } ], "product_status": { "known_affected": [ "67646", "434967", "1039165", "T034583", "T036366", "1522854", "T012167", "T015895", "T004914", "T032255", "T033685", "T022954", "1139691", "T014381", "2951", "T002207", "T000126", "T031092", "T027755", "398363" ] }, "release_date": "2023-12-19T23:00:00Z", "title": "CVE-2023-51385" } ] }
wid-sec-w-2024-1701
Vulnerability from csaf_certbund
Published
2024-07-23 22:00
Modified
2024-07-23 22:00
Summary
Aruba EdgeConnect: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Aruba EdgeConnect ist eine SD-WAN-Produktfamilie für Unternehmenskunden.
Angriff
Ein entfernter Angreifer kann mehrere Schwachstellen in Aruba EdgeConnect ausnutzen, um beliebigen Code auszuführen oder um Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Aruba EdgeConnect ist eine SD-WAN-Produktfamilie f\u00fcr Unternehmenskunden.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Aruba EdgeConnect ausnutzen, um beliebigen Code auszuf\u00fchren oder um Sicherheitsma\u00dfnahmen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1701 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1701.json" }, { "category": "self", "summary": "WID-SEC-2024-1701 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1701" }, { "category": "external", "summary": "HPE Security Bulletin vom 2024-07-23", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04673en_us\u0026docLocale=en_US" }, { "category": "external", "summary": "HPE Aruba Networking Product Security Advisory vom 2024-07-23", "url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt" } ], "source_lang": "en-US", "title": "Aruba EdgeConnect: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-07-23T22:00:00.000+00:00", "generator": { "date": "2024-07-24T11:09:13.566+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1701", "initial_release_date": "2024-07-23T22:00:00.000+00:00", "revision_history": [ { "date": "2024-07-23T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "ECOS \u003c9.2.9.0", "product": { "name": "Aruba EdgeConnect ECOS \u003c9.2.9.0", "product_id": "T036437", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:ecos__9.2.9.0" } } }, { "category": "product_version_range", "name": "ECOS \u003c9.1.11.0", "product": { "name": "Aruba EdgeConnect ECOS \u003c9.1.11.0", "product_id": "T036438", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:ecos__9.1.11.0" } } }, { "category": "product_version_range", "name": "ECOS \u003c9.3.3.0", "product": { "name": "Aruba EdgeConnect ECOS \u003c9.3.3.0", "product_id": "T036439", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:ecos__9.3.3.0" } } } ], "category": "product_name", "name": "EdgeConnect" } ], "category": "vendor", "name": "Aruba" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-33519", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-33519" }, { "cve": "CVE-2024-41133", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-41133" }, { "cve": "CVE-2024-41134", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-41134" }, { "cve": "CVE-2024-41135", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-41135" }, { "cve": "CVE-2024-41136", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-41136" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "Es besteht eine Schwachstelle in der ssh-Komponente von Aruba EdgeConnect aufgrund einer Befehlsinjektion. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2023-51385" }, { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "Es besteht eine Schwachstelle im SSH-Transportprotokoll mit bestimmten OpenSSH-Erweiterungen in Aruba EdgeConnect aufgrund eines unzureichenden Schutzes gegen Terrapin-Angriffe. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Integrit\u00e4tspr\u00fcfungen zu umgehen und so Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2023-48795" } ] }
WID-SEC-W-2024-0578
Vulnerability from csaf_certbund
Published
2024-03-07 23:00
Modified
2024-03-07 23:00
Summary
Apple macOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand zu verursachen, beliebigen Code auszuführen, seine Privilegien zu erweitern oder Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- MacOS X
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand zu verursachen, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- MacOS X", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0578 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0578.json" }, { "category": "self", "summary": "WID-SEC-2024-0578 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0578" }, { "category": "external", "summary": "Apple Security Update vom 2024-03-07", "url": "https://support.apple.com/en-us/HT214083" } ], "source_lang": "en-US", "title": "Apple macOS: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-03-07T23:00:00.000+00:00", "generator": { "date": "2024-03-08T09:02:12.865+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0578", "initial_release_date": "2024-03-07T23:00:00.000+00:00", "revision_history": [ { "date": "2024-03-07T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 12.7.4", "product": { "name": "Apple macOS \u003c 12.7.4", "product_id": "T033317", "product_identification_helper": { "cpe": "cpe:/o:apple:mac_os:12.7.4" } } }, { "category": "product_version_range", "name": "\u003c 14.4", "product": { "name": "Apple macOS \u003c 14.4", "product_id": "T033318", "product_identification_helper": { "cpe": "cpe:/o:apple:mac_os:14.4" } } }, { "category": "product_version_range", "name": "\u003c 13.6.5", "product": { "name": "Apple macOS \u003c 13.6.5", "product_id": "T033319", "product_identification_helper": { "cpe": "cpe:/o:apple:mac_os:13.6.5" } } } ], "category": "product_name", "name": "macOS" } ], "category": "vendor", "name": "Apple" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-23296", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23296" }, { "cve": "CVE-2024-23294", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23294" }, { "cve": "CVE-2024-23293", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23293" }, { "cve": "CVE-2024-23292", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23292" }, { "cve": "CVE-2024-23291", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23291" }, { "cve": "CVE-2024-23290", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23290" }, { "cve": "CVE-2024-23289", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23289" }, { "cve": "CVE-2024-23288", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23288" }, { "cve": "CVE-2024-23287", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23287" }, { "cve": "CVE-2024-23286", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23286" }, { "cve": "CVE-2024-23285", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23285" }, { "cve": "CVE-2024-23284", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23284" }, { "cve": "CVE-2024-23283", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23283" }, { "cve": "CVE-2024-23281", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23281" }, { "cve": "CVE-2024-23280", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23280" }, { "cve": "CVE-2024-23279", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23279" }, { "cve": "CVE-2024-23278", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23278" }, { "cve": "CVE-2024-23277", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23277" }, { "cve": "CVE-2024-23276", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23276" }, { "cve": "CVE-2024-23275", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23275" }, { "cve": "CVE-2024-23274", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23274" }, { "cve": "CVE-2024-23273", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23273" }, { "cve": "CVE-2024-23272", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23272" }, { "cve": "CVE-2024-23270", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23270" }, { "cve": "CVE-2024-23269", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23269" }, { "cve": "CVE-2024-23268", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23268" }, { "cve": "CVE-2024-23267", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23267" }, { "cve": "CVE-2024-23266", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23266" }, { "cve": "CVE-2024-23265", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23265" }, { "cve": "CVE-2024-23264", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23264" }, { "cve": "CVE-2024-23263", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23263" }, { "cve": "CVE-2024-23260", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23260" }, { "cve": "CVE-2024-23259", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23259" }, { "cve": "CVE-2024-23258", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23258" }, { "cve": "CVE-2024-23257", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23257" }, { "cve": "CVE-2024-23255", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23255" }, { "cve": "CVE-2024-23254", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23254" }, { "cve": "CVE-2024-23253", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23253" }, { "cve": "CVE-2024-23252", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23252" }, { "cve": "CVE-2024-23250", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23250" }, { "cve": "CVE-2024-23249", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23249" }, { "cve": "CVE-2024-23248", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23248" }, { "cve": "CVE-2024-23247", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23247" }, { "cve": "CVE-2024-23246", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23246" }, { "cve": "CVE-2024-23245", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23245" }, { "cve": "CVE-2024-23244", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23244" }, { "cve": "CVE-2024-23242", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23242" }, { "cve": "CVE-2024-23241", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23241" }, { "cve": "CVE-2024-23239", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23239" }, { "cve": "CVE-2024-23238", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23238" }, { "cve": "CVE-2024-23235", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23235" }, { "cve": "CVE-2024-23234", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23234" }, { "cve": "CVE-2024-23233", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23233" }, { "cve": "CVE-2024-23232", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23232" }, { "cve": "CVE-2024-23231", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23231" }, { "cve": "CVE-2024-23230", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23230" }, { "cve": "CVE-2024-23227", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23227" }, { "cve": "CVE-2024-23226", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23226" }, { "cve": "CVE-2024-23225", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23225" }, { "cve": "CVE-2024-23218", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23218" }, { "cve": "CVE-2024-23216", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23216" }, { "cve": "CVE-2024-23205", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23205" }, { "cve": "CVE-2024-23204", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23204" }, { "cve": "CVE-2024-23201", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23201" }, { "cve": "CVE-2024-0258", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-0258" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-51385" }, { "cve": "CVE-2023-51384", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-51384" }, { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-48795" }, { "cve": "CVE-2023-42853", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-42853" }, { "cve": "CVE-2023-28826", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-28826" }, { "cve": "CVE-2022-48554", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2022-48554" }, { "cve": "CVE-2022-42816", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2022-42816" } ] }
wid-sec-w-2024-1082
Vulnerability from csaf_certbund
Published
2024-05-09 22:00
Modified
2024-05-09 22:00
Summary
Juniper JUNOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS im Zusammenhang mit OpenSSH ausnutzen, um Sicherheitsmaßnahmen zu umgehen, beliebigen Code auszuführen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- Juniper Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS im Zusammenhang mit OpenSSH ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren.", "title": "Angriff" }, { "category": "general", "text": "- Juniper Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1082 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1082.json" }, { "category": "self", "summary": "WID-SEC-2024-1082 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1082" }, { "category": "external", "summary": "Juniper Security Advisory vom 2024-05-09", "url": "https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH" } ], "source_lang": "en-US", "title": "Juniper JUNOS: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-05-09T22:00:00.000+00:00", "generator": { "date": "2024-05-10T10:02:55.006+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1082", "initial_release_date": "2024-05-09T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-09T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003e=19.4R1", "product": { "name": "Juniper JUNOS \u003e=19.4R1", "product_id": "T034677", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:19.4r1" } } }, { "category": "product_version_range", "name": "Evolved \u003e=22.3R1", "product": { "name": "Juniper JUNOS Evolved \u003e=22.3R1", "product_id": "T034678", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:evolved__22.3r1" } } } ], "category": "product_name", "name": "JUNOS" } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-20012", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2016-20012" }, { "cve": "CVE-2017-15906", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2017-15906" }, { "cve": "CVE-2018-15473", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2018-15473" }, { "cve": "CVE-2018-15919", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2018-15919" }, { "cve": "CVE-2018-20685", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2018-20685" }, { "cve": "CVE-2019-6109", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2019-6109" }, { "cve": "CVE-2019-6110", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2019-6110" }, { "cve": "CVE-2019-6111", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2019-6111" }, { "cve": "CVE-2020-12062", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2020-12062" }, { "cve": "CVE-2020-14145", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2020-14145" }, { "cve": "CVE-2020-15778", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2020-15778" }, { "cve": "CVE-2021-28041", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2021-28041" }, { "cve": "CVE-2021-36368", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2021-36368" }, { "cve": "CVE-2021-41617", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2021-41617" }, { "cve": "CVE-2023-28531", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-28531" }, { "cve": "CVE-2023-38408", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-38408" }, { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-48795" }, { "cve": "CVE-2023-51384", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren." } ], "release_date": "2024-05-09T22:00:00Z", "title": "CVE-2023-51385" } ] }
WID-SEC-W-2024-1701
Vulnerability from csaf_certbund
Published
2024-07-23 22:00
Modified
2024-07-23 22:00
Summary
Aruba EdgeConnect: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Aruba EdgeConnect ist eine SD-WAN-Produktfamilie für Unternehmenskunden.
Angriff
Ein entfernter Angreifer kann mehrere Schwachstellen in Aruba EdgeConnect ausnutzen, um beliebigen Code auszuführen oder um Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Aruba EdgeConnect ist eine SD-WAN-Produktfamilie f\u00fcr Unternehmenskunden.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Aruba EdgeConnect ausnutzen, um beliebigen Code auszuf\u00fchren oder um Sicherheitsma\u00dfnahmen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1701 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1701.json" }, { "category": "self", "summary": "WID-SEC-2024-1701 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1701" }, { "category": "external", "summary": "HPE Security Bulletin vom 2024-07-23", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04673en_us\u0026docLocale=en_US" }, { "category": "external", "summary": "HPE Aruba Networking Product Security Advisory vom 2024-07-23", "url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt" } ], "source_lang": "en-US", "title": "Aruba EdgeConnect: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-07-23T22:00:00.000+00:00", "generator": { "date": "2024-07-24T11:09:13.566+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1701", "initial_release_date": "2024-07-23T22:00:00.000+00:00", "revision_history": [ { "date": "2024-07-23T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "ECOS \u003c9.2.9.0", "product": { "name": "Aruba EdgeConnect ECOS \u003c9.2.9.0", "product_id": "T036437", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:ecos__9.2.9.0" } } }, { "category": "product_version_range", "name": "ECOS \u003c9.1.11.0", "product": { "name": "Aruba EdgeConnect ECOS \u003c9.1.11.0", "product_id": "T036438", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:ecos__9.1.11.0" } } }, { "category": "product_version_range", "name": "ECOS \u003c9.3.3.0", "product": { "name": "Aruba EdgeConnect ECOS \u003c9.3.3.0", "product_id": "T036439", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:ecos__9.3.3.0" } } } ], "category": "product_name", "name": "EdgeConnect" } ], "category": "vendor", "name": "Aruba" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-33519", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-33519" }, { "cve": "CVE-2024-41133", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-41133" }, { "cve": "CVE-2024-41134", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-41134" }, { "cve": "CVE-2024-41135", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-41135" }, { "cve": "CVE-2024-41136", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Aruba EdgeConnect. Diese Fehler bestehen in den Komponenten SD-WAN-Befehlszeilenschnittstelle und webbasierte Management-Schnittstelle aufgrund eines unzureichenden Schutzes gegen eine serverseitige Prototypenverunreinigung und eine Befehlsinjektion. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2024-41136" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "Es besteht eine Schwachstelle in der ssh-Komponente von Aruba EdgeConnect aufgrund einer Befehlsinjektion. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2023-51385" }, { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "Es besteht eine Schwachstelle im SSH-Transportprotokoll mit bestimmten OpenSSH-Erweiterungen in Aruba EdgeConnect aufgrund eines unzureichenden Schutzes gegen Terrapin-Angriffe. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Integrit\u00e4tspr\u00fcfungen zu umgehen und so Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-07-23T22:00:00Z", "title": "CVE-2023-48795" } ] }
wid-sec-w-2024-0578
Vulnerability from csaf_certbund
Published
2024-03-07 23:00
Modified
2024-03-07 23:00
Summary
Apple macOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand zu verursachen, beliebigen Code auszuführen, seine Privilegien zu erweitern oder Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- MacOS X
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand zu verursachen, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- MacOS X", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0578 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0578.json" }, { "category": "self", "summary": "WID-SEC-2024-0578 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0578" }, { "category": "external", "summary": "Apple Security Update vom 2024-03-07", "url": "https://support.apple.com/en-us/HT214083" } ], "source_lang": "en-US", "title": "Apple macOS: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-03-07T23:00:00.000+00:00", "generator": { "date": "2024-03-08T09:02:12.865+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0578", "initial_release_date": "2024-03-07T23:00:00.000+00:00", "revision_history": [ { "date": "2024-03-07T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 12.7.4", "product": { "name": "Apple macOS \u003c 12.7.4", "product_id": "T033317", "product_identification_helper": { "cpe": "cpe:/o:apple:mac_os:12.7.4" } } }, { "category": "product_version_range", "name": "\u003c 14.4", "product": { "name": "Apple macOS \u003c 14.4", "product_id": "T033318", "product_identification_helper": { "cpe": "cpe:/o:apple:mac_os:14.4" } } }, { "category": "product_version_range", "name": "\u003c 13.6.5", "product": { "name": "Apple macOS \u003c 13.6.5", "product_id": "T033319", "product_identification_helper": { "cpe": "cpe:/o:apple:mac_os:13.6.5" } } } ], "category": "product_name", "name": "macOS" } ], "category": "vendor", "name": "Apple" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-23296", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23296" }, { "cve": "CVE-2024-23294", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23294" }, { "cve": "CVE-2024-23293", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23293" }, { "cve": "CVE-2024-23292", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23292" }, { "cve": "CVE-2024-23291", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23291" }, { "cve": "CVE-2024-23290", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23290" }, { "cve": "CVE-2024-23289", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23289" }, { "cve": "CVE-2024-23288", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23288" }, { "cve": "CVE-2024-23287", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23287" }, { "cve": "CVE-2024-23286", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23286" }, { "cve": "CVE-2024-23285", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23285" }, { "cve": "CVE-2024-23284", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23284" }, { "cve": "CVE-2024-23283", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23283" }, { "cve": "CVE-2024-23281", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23281" }, { "cve": "CVE-2024-23280", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23280" }, { "cve": "CVE-2024-23279", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23279" }, { "cve": "CVE-2024-23278", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23278" }, { "cve": "CVE-2024-23277", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23277" }, { "cve": "CVE-2024-23276", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23276" }, { "cve": "CVE-2024-23275", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23275" }, { "cve": "CVE-2024-23274", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23274" }, { "cve": "CVE-2024-23273", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23273" }, { "cve": "CVE-2024-23272", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23272" }, { "cve": "CVE-2024-23270", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23270" }, { "cve": "CVE-2024-23269", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23269" }, { "cve": "CVE-2024-23268", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23268" }, { "cve": "CVE-2024-23267", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23267" }, { "cve": "CVE-2024-23266", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23266" }, { "cve": "CVE-2024-23265", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23265" }, { "cve": "CVE-2024-23264", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23264" }, { "cve": "CVE-2024-23263", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23263" }, { "cve": "CVE-2024-23260", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23260" }, { "cve": "CVE-2024-23259", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23259" }, { "cve": "CVE-2024-23258", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23258" }, { "cve": "CVE-2024-23257", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23257" }, { "cve": "CVE-2024-23255", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23255" }, { "cve": "CVE-2024-23254", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23254" }, { "cve": "CVE-2024-23253", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23253" }, { "cve": "CVE-2024-23252", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23252" }, { "cve": "CVE-2024-23250", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23250" }, { "cve": "CVE-2024-23249", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23249" }, { "cve": "CVE-2024-23248", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23248" }, { "cve": "CVE-2024-23247", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23247" }, { "cve": "CVE-2024-23246", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23246" }, { "cve": "CVE-2024-23245", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23245" }, { "cve": "CVE-2024-23244", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23244" }, { "cve": "CVE-2024-23242", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23242" }, { "cve": "CVE-2024-23241", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23241" }, { "cve": "CVE-2024-23239", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23239" }, { "cve": "CVE-2024-23238", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23238" }, { "cve": "CVE-2024-23235", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23235" }, { "cve": "CVE-2024-23234", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23234" }, { "cve": "CVE-2024-23233", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23233" }, { "cve": "CVE-2024-23232", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23232" }, { "cve": "CVE-2024-23231", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23231" }, { "cve": "CVE-2024-23230", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23230" }, { "cve": "CVE-2024-23227", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23227" }, { "cve": "CVE-2024-23226", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23226" }, { "cve": "CVE-2024-23225", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23225" }, { "cve": "CVE-2024-23218", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23218" }, { "cve": "CVE-2024-23216", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23216" }, { "cve": "CVE-2024-23205", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23205" }, { "cve": "CVE-2024-23204", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23204" }, { "cve": "CVE-2024-23201", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-23201" }, { "cve": "CVE-2024-0258", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2024-0258" }, { "cve": "CVE-2023-51385", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-51385" }, { "cve": "CVE-2023-51384", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-51384" }, { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-48795" }, { "cve": "CVE-2023-42853", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-42853" }, { "cve": "CVE-2023-28826", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2023-28826" }, { "cve": "CVE-2022-48554", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2022-48554" }, { "cve": "CVE-2022-42816", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Apple macOS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Kernel, dem PackageKit oder den Speicherdiensten, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Berechtigungspr\u00fcfung, einer unsachgem\u00e4\u00dfen Validierung von Benutzereingaben oder einer unsachgem\u00e4\u00dfen Speicherbehandlung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, beliebigen Code auszuf\u00fchren, seine Privilegien zu erweitern oder Sicherheitsma\u00dfnahmen zu umgehen." } ], "release_date": "2024-03-07T23:00:00Z", "title": "CVE-2022-42816" } ] }
ssa-794697
Vulnerability from csaf_siemens
Published
2023-06-13 00:00
Modified
2024-04-09 00:00
Summary
SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.
Siemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.
This advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (
https://cert-portal.siemens.com/productcert/html/ssa-265688.html).
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)", "tlp": { "label": "WHITE" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "productcert@siemens.com", "name": "Siemens ProductCERT", "namespace": "https://www.siemens.com" }, "references": [ { "category": "self", "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html" }, { "category": "self", "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json" }, { "category": "self", "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf" }, { "category": "self", "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt" } ], "title": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1", "tracking": { "current_release_date": "2024-04-09T00:00:00Z", "generator": { "engine": { "name": "Siemens ProductCERT CSAF Generator", "version": "1" } }, "id": "SSA-794697", "initial_release_date": "2023-06-13T00:00:00Z", "revision_history": [ { "date": "2023-06-13T00:00:00Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" }, { "date": "2023-07-11T00:00:00Z", "legacy_version": "1.1", "number": "2", "summary": "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233" }, { "date": "2023-08-08T00:00:00Z", "legacy_version": "1.2", "number": "3", "summary": "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609" }, { "date": "2023-09-12T00:00:00Z", "legacy_version": "1.3", "number": "4", "summary": "Added CVE-2023-3338" }, { "date": "2023-11-14T00:00:00Z", "legacy_version": "1.4", "number": "5", "summary": "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755" }, { "date": "2023-12-12T00:00:00Z", "legacy_version": "1.5", "number": "6", "summary": "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871" }, { "date": "2024-01-09T00:00:00Z", "legacy_version": "1.6", "number": "7", "summary": "Added CVE-2023-48795" }, { "date": "2024-02-13T00:00:00Z", "legacy_version": "1.7", "number": "8", "summary": "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062" }, { "date": "2024-04-09T00:00:00Z", "legacy_version": "1.8", "number": "9", "summary": "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem" } ], "status": "interim", "version": "9" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003cV1.1", "product": { "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem", "product_id": "1" } } ], "category": "product_name", "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-12762", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-12762" }, { "cve": "CVE-2021-3759", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "A memory overflow vulnerability was found in the Linux kernel\u2019s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-3759" }, { "cve": "CVE-2021-4037", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-4037" }, { "cve": "CVE-2021-33655", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-33655" }, { "cve": "CVE-2021-44879", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-44879" }, { "cve": "CVE-2022-0171", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-0171" }, { "cve": "CVE-2022-1012", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1012" }, { "cve": "CVE-2022-1015", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1015" }, { "cve": "CVE-2022-1184", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u2019s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1184" }, { "cve": "CVE-2022-1292", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "summary", "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1292" }, { "cve": "CVE-2022-1343", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1343" }, { "cve": "CVE-2022-1434", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1434" }, { "cve": "CVE-2022-1462", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "An out-of-bounds read flaw was found in the Linux kernel\u2019s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1462" }, { "cve": "CVE-2022-1473", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1473" }, { "cve": "CVE-2022-1679", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1679" }, { "cve": "CVE-2022-1852", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1852" }, { "cve": "CVE-2022-1882", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in the Linux kernel\u2019s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1882" }, { "cve": "CVE-2022-2068", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "summary", "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2068" }, { "cve": "CVE-2022-2078", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in the Linux kernel\u0027s nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2078" }, { "cve": "CVE-2022-2097", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2097" }, { "cve": "CVE-2022-2153", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u2019s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2153" }, { "cve": "CVE-2022-2274", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2274" }, { "cve": "CVE-2022-2327", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2327" }, { "cve": "CVE-2022-2503", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2503" }, { "cve": "CVE-2022-2586", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2586" }, { "cve": "CVE-2022-2588", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2588" }, { "cve": "CVE-2022-2602", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2602" }, { "cve": "CVE-2022-2663", "cwe": { "id": "CWE-923", "name": "Improper Restriction of Communication Channel to Intended Endpoints" }, "notes": [ { "category": "summary", "text": "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2663" }, { "cve": "CVE-2022-2905", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2905" }, { "cve": "CVE-2022-2959", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "A race condition was found in the Linux kernel\u0027s watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2959" }, { "cve": "CVE-2022-2978", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2978" }, { "cve": "CVE-2022-3028", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3028" }, { "cve": "CVE-2022-3104", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3104" }, { "cve": "CVE-2022-3115", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3115" }, { "cve": "CVE-2022-3169", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3169" }, { "cve": "CVE-2022-3303", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3303" }, { "cve": "CVE-2022-3521", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 2.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3521" }, { "cve": "CVE-2022-3524", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3524" }, { "cve": "CVE-2022-3534", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3534" }, { "cve": "CVE-2022-3545", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3545" }, { "cve": "CVE-2022-3564", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3564" }, { "cve": "CVE-2022-3565", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3565" }, { "cve": "CVE-2022-3586", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3586" }, { "cve": "CVE-2022-3594", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3594" }, { "cve": "CVE-2022-3606", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3606" }, { "cve": "CVE-2022-3621", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3621" }, { "cve": "CVE-2022-3625", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3625" }, { "cve": "CVE-2022-3628", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "notes": [ { "category": "summary", "text": "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3628" }, { "cve": "CVE-2022-3629", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3629" }, { "cve": "CVE-2022-3633", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3633" }, { "cve": "CVE-2022-3635", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3635" }, { "cve": "CVE-2022-3646", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3646" }, { "cve": "CVE-2022-3649", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3649" }, { "cve": "CVE-2022-4095", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4095" }, { "cve": "CVE-2022-4129", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4129" }, { "cve": "CVE-2022-4139", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "An incorrect TLB flush issue was found in the Linux kernel\u2019s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4139" }, { "cve": "CVE-2022-4269", "cwe": { "id": "CWE-833", "name": "Deadlock" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4269" }, { "cve": "CVE-2022-4304", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4304" }, { "cve": "CVE-2022-4450", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4450" }, { "cve": "CVE-2022-4662", "cwe": { "id": "CWE-455", "name": "Non-exit on Failed Initialization" }, "notes": [ { "category": "summary", "text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4662" }, { "cve": "CVE-2022-20421", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20421" }, { "cve": "CVE-2022-20422", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20422" }, { "cve": "CVE-2022-20566", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20566" }, { "cve": "CVE-2022-20572", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20572" }, { "cve": "CVE-2022-21123", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "summary", "text": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-21123" }, { "cve": "CVE-2022-21125", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "summary", "text": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-21125" }, { "cve": "CVE-2022-21166", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "summary", "text": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-21166" }, { "cve": "CVE-2022-21505", "cwe": { "id": "CWE-305", "name": "Authentication Bypass by Primary Weakness" }, "notes": [ { "category": "summary", "text": "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-21505" }, { "cve": "CVE-2022-26373", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-26373" }, { "cve": "CVE-2022-32250", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-32250" }, { "cve": "CVE-2022-32296", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "summary", "text": "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-32296" }, { "cve": "CVE-2022-34918", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-34918" }, { "cve": "CVE-2022-36123", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-36123" }, { "cve": "CVE-2022-36280", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-36280" }, { "cve": "CVE-2022-36879", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-36879" }, { "cve": "CVE-2022-36946", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb-\u003elen.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-36946" }, { "cve": "CVE-2022-39188", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-39188" }, { "cve": "CVE-2022-39190", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-39190" }, { "cve": "CVE-2022-40307", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-40307" }, { "cve": "CVE-2022-40768", "cwe": { "id": "CWE-668", "name": "Exposure of Resource to Wrong Sphere" }, "notes": [ { "category": "summary", "text": "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-40768" }, { "cve": "CVE-2022-41218", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41218" }, { "cve": "CVE-2022-41222", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41222" }, { "cve": "CVE-2022-41674", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41674" }, { "cve": "CVE-2022-41849", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41849" }, { "cve": "CVE-2022-41850", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report-\u003evalue is in progress.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41850" }, { "cve": "CVE-2022-42328", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42328" }, { "cve": "CVE-2022-42329", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42329" }, { "cve": "CVE-2022-42432", "cwe": { "id": "CWE-457", "name": "Use of Uninitialized Variable" }, "notes": [ { "category": "summary", "text": "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42432" }, { "cve": "CVE-2022-42703", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42703" }, { "cve": "CVE-2022-42719", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42719" }, { "cve": "CVE-2022-42720", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42720" }, { "cve": "CVE-2022-42721", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "summary", "text": "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42721" }, { "cve": "CVE-2022-42722", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42722" }, { "cve": "CVE-2022-42895", "cwe": { "id": "CWE-824", "name": "Access of Uninitialized Pointer" }, "notes": [ { "category": "summary", "text": "There is an infoleak vulnerability in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42895" }, { "cve": "CVE-2022-42896", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "There are use-after-free vulnerabilities in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42896" }, { "cve": "CVE-2022-43750", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor\u0027s internal memory.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-43750" }, { "cve": "CVE-2022-47518", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-47518" }, { "cve": "CVE-2022-47520", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-47520" }, { "cve": "CVE-2022-47929", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-47929" }, { "cve": "CVE-2022-47946", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-47946" }, { "cve": "CVE-2023-0215", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0215" }, { "cve": "CVE-2023-0286", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0464", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0464" }, { "cve": "CVE-2023-0465", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0465" }, { "cve": "CVE-2023-0466", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0466" }, { "cve": "CVE-2023-0590", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0590" }, { "cve": "CVE-2023-1077", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-1077" }, { "cve": "CVE-2023-1095", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-1095" }, { "cve": "CVE-2023-1206", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-1206" }, { "cve": "CVE-2023-2898", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-2898" }, { "cve": "CVE-2023-3141", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3141" }, { "cve": "CVE-2023-3268", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3268" }, { "cve": "CVE-2023-3338", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A null pointer dereference flaw was found in the Linux kernel\u0027s DECnet networking protocol. This issue could allow a remote user to crash the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3338" }, { "cve": "CVE-2023-3389", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59` \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3389" }, { "cve": "CVE-2023-3446", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "summary", "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3446" }, { "cve": "CVE-2023-3609", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3609" }, { "cve": "CVE-2023-3610", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3610" }, { "cve": "CVE-2023-3611", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3611" }, { "cve": "CVE-2023-3772", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3772" }, { "cve": "CVE-2023-3773", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3773" }, { "cve": "CVE-2023-3777", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3777" }, { "cve": "CVE-2023-4004", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4004" }, { "cve": "CVE-2023-4015", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4015" }, { "cve": "CVE-2023-4273", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4273" }, { "cve": "CVE-2023-4623", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4623" }, { "cve": "CVE-2023-4911", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4911" }, { "cve": "CVE-2023-4921", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4921" }, { "cve": "CVE-2023-5178", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-5178" }, { "cve": "CVE-2023-5197", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-5197" }, { "cve": "CVE-2023-5678", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-5678" }, { "cve": "CVE-2023-5717", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-5717" }, { "cve": "CVE-2023-6606", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-6606" }, { "cve": "CVE-2023-6931", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-6931" }, { "cve": "CVE-2023-6932", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-6932" }, { "cve": "CVE-2023-7008", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-7008" }, { "cve": "CVE-2023-7104", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-7104" }, { "cve": "CVE-2023-23454", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-23454" }, { "cve": "CVE-2023-23455", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-23455" }, { "cve": "CVE-2023-23559", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-23559" }, { "cve": "CVE-2023-26607", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-26607" }, { "cve": "CVE-2023-31085", "cwe": { "id": "CWE-369", "name": "Divide By Zero" }, "notes": [ { "category": "summary", "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-31085" }, { "cve": "CVE-2023-31436", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-31436" }, { "cve": "CVE-2023-32233", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-32233" }, { "cve": "CVE-2023-35001", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-35001" }, { "cve": "CVE-2023-35827", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-35827" }, { "cve": "CVE-2023-36660", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-36660" }, { "cve": "CVE-2023-37453", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-37453" }, { "cve": "CVE-2023-39189", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-39189" }, { "cve": "CVE-2023-39192", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-39192" }, { "cve": "CVE-2023-39193", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-39193" }, { "cve": "CVE-2023-39194", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-39194" }, { "cve": "CVE-2023-42753", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-42753" }, { "cve": "CVE-2023-42754", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-42754" }, { "cve": "CVE-2023-42755", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-42755" }, { "cve": "CVE-2023-45863", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-45863" }, { "cve": "CVE-2023-45871", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "notes": [ { "category": "summary", "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-45871" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "summary", "text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2023-50495", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-50495" }, { "cve": "CVE-2023-51384", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "summary", "text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-51385" }, { "cve": "CVE-2023-51767", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-51767" }, { "cve": "CVE-2024-0232", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0232" }, { "cve": "CVE-2024-0553", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0553" }, { "cve": "CVE-2024-0567", "cwe": { "id": "CWE-347", "name": "Improper Verification of Cryptographic Signature" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0567" }, { "cve": "CVE-2024-0584", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0584" }, { "cve": "CVE-2024-0684", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0684" }, { "cve": "CVE-2024-22365", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-22365" }, { "cve": "CVE-2024-25062", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-25062" } ] }
SSA-794697
Vulnerability from csaf_siemens
Published
2023-06-13 00:00
Modified
2024-04-09 00:00
Summary
SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.
Siemens has released a new version for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem and recommends to update to the latest version.
This advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (
https://cert-portal.siemens.com/productcert/html/ssa-265688.html).
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)", "tlp": { "label": "WHITE" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "productcert@siemens.com", "name": "Siemens ProductCERT", "namespace": "https://www.siemens.com" }, "references": [ { "category": "self", "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html" }, { "category": "self", "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json" }, { "category": "self", "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf" }, { "category": "self", "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt" } ], "title": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1", "tracking": { "current_release_date": "2024-04-09T00:00:00Z", "generator": { "engine": { "name": "Siemens ProductCERT CSAF Generator", "version": "1" } }, "id": "SSA-794697", "initial_release_date": "2023-06-13T00:00:00Z", "revision_history": [ { "date": "2023-06-13T00:00:00Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" }, { "date": "2023-07-11T00:00:00Z", "legacy_version": "1.1", "number": "2", "summary": "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233" }, { "date": "2023-08-08T00:00:00Z", "legacy_version": "1.2", "number": "3", "summary": "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609" }, { "date": "2023-09-12T00:00:00Z", "legacy_version": "1.3", "number": "4", "summary": "Added CVE-2023-3338" }, { "date": "2023-11-14T00:00:00Z", "legacy_version": "1.4", "number": "5", "summary": "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755" }, { "date": "2023-12-12T00:00:00Z", "legacy_version": "1.5", "number": "6", "summary": "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871" }, { "date": "2024-01-09T00:00:00Z", "legacy_version": "1.6", "number": "7", "summary": "Added CVE-2023-48795" }, { "date": "2024-02-13T00:00:00Z", "legacy_version": "1.7", "number": "8", "summary": "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062" }, { "date": "2024-04-09T00:00:00Z", "legacy_version": "1.8", "number": "9", "summary": "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem" } ], "status": "interim", "version": "9" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003cV1.1", "product": { "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem", "product_id": "1" } } ], "category": "product_name", "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-12762", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-12762" }, { "cve": "CVE-2021-3759", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "A memory overflow vulnerability was found in the Linux kernel\u2019s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-3759" }, { "cve": "CVE-2021-4037", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-4037" }, { "cve": "CVE-2021-33655", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-33655" }, { "cve": "CVE-2021-44879", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-44879" }, { "cve": "CVE-2022-0171", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-0171" }, { "cve": "CVE-2022-1012", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1012" }, { "cve": "CVE-2022-1015", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1015" }, { "cve": "CVE-2022-1184", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u2019s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1184" }, { "cve": "CVE-2022-1292", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "summary", "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1292" }, { "cve": "CVE-2022-1343", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1343" }, { "cve": "CVE-2022-1434", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1434" }, { "cve": "CVE-2022-1462", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "An out-of-bounds read flaw was found in the Linux kernel\u2019s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1462" }, { "cve": "CVE-2022-1473", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1473" }, { "cve": "CVE-2022-1679", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1679" }, { "cve": "CVE-2022-1852", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1852" }, { "cve": "CVE-2022-1882", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in the Linux kernel\u2019s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-1882" }, { "cve": "CVE-2022-2068", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "summary", "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2068" }, { "cve": "CVE-2022-2078", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in the Linux kernel\u0027s nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2078" }, { "cve": "CVE-2022-2097", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2097" }, { "cve": "CVE-2022-2153", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u2019s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2153" }, { "cve": "CVE-2022-2274", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2274" }, { "cve": "CVE-2022-2327", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2327" }, { "cve": "CVE-2022-2503", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2503" }, { "cve": "CVE-2022-2586", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2586" }, { "cve": "CVE-2022-2588", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2588" }, { "cve": "CVE-2022-2602", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2602" }, { "cve": "CVE-2022-2663", "cwe": { "id": "CWE-923", "name": "Improper Restriction of Communication Channel to Intended Endpoints" }, "notes": [ { "category": "summary", "text": "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2663" }, { "cve": "CVE-2022-2905", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2905" }, { "cve": "CVE-2022-2959", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "A race condition was found in the Linux kernel\u0027s watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2959" }, { "cve": "CVE-2022-2978", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-2978" }, { "cve": "CVE-2022-3028", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3028" }, { "cve": "CVE-2022-3104", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3104" }, { "cve": "CVE-2022-3115", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3115" }, { "cve": "CVE-2022-3169", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3169" }, { "cve": "CVE-2022-3303", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3303" }, { "cve": "CVE-2022-3521", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 2.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3521" }, { "cve": "CVE-2022-3524", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3524" }, { "cve": "CVE-2022-3534", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3534" }, { "cve": "CVE-2022-3545", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3545" }, { "cve": "CVE-2022-3564", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3564" }, { "cve": "CVE-2022-3565", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3565" }, { "cve": "CVE-2022-3586", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3586" }, { "cve": "CVE-2022-3594", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3594" }, { "cve": "CVE-2022-3606", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3606" }, { "cve": "CVE-2022-3621", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3621" }, { "cve": "CVE-2022-3625", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3625" }, { "cve": "CVE-2022-3628", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "notes": [ { "category": "summary", "text": "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3628" }, { "cve": "CVE-2022-3629", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3629" }, { "cve": "CVE-2022-3633", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3633" }, { "cve": "CVE-2022-3635", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3635" }, { "cve": "CVE-2022-3646", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "summary", "text": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3646" }, { "cve": "CVE-2022-3649", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-3649" }, { "cve": "CVE-2022-4095", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4095" }, { "cve": "CVE-2022-4129", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4129" }, { "cve": "CVE-2022-4139", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "An incorrect TLB flush issue was found in the Linux kernel\u2019s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4139" }, { "cve": "CVE-2022-4269", "cwe": { "id": "CWE-833", "name": "Deadlock" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4269" }, { "cve": "CVE-2022-4304", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4304" }, { "cve": "CVE-2022-4450", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4450" }, { "cve": "CVE-2022-4662", "cwe": { "id": "CWE-455", "name": "Non-exit on Failed Initialization" }, "notes": [ { "category": "summary", "text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-4662" }, { "cve": "CVE-2022-20421", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20421" }, { "cve": "CVE-2022-20422", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20422" }, { "cve": "CVE-2022-20566", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20566" }, { "cve": "CVE-2022-20572", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20572" }, { "cve": "CVE-2022-21123", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "summary", "text": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-21123" }, { "cve": "CVE-2022-21125", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "summary", "text": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-21125" }, { "cve": "CVE-2022-21166", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "summary", "text": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-21166" }, { "cve": "CVE-2022-21505", "cwe": { "id": "CWE-305", "name": "Authentication Bypass by Primary Weakness" }, "notes": [ { "category": "summary", "text": "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-21505" }, { "cve": "CVE-2022-26373", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-26373" }, { "cve": "CVE-2022-32250", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-32250" }, { "cve": "CVE-2022-32296", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "summary", "text": "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-32296" }, { "cve": "CVE-2022-34918", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-34918" }, { "cve": "CVE-2022-36123", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-36123" }, { "cve": "CVE-2022-36280", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-36280" }, { "cve": "CVE-2022-36879", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-36879" }, { "cve": "CVE-2022-36946", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb-\u003elen.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-36946" }, { "cve": "CVE-2022-39188", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-39188" }, { "cve": "CVE-2022-39190", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-39190" }, { "cve": "CVE-2022-40307", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-40307" }, { "cve": "CVE-2022-40768", "cwe": { "id": "CWE-668", "name": "Exposure of Resource to Wrong Sphere" }, "notes": [ { "category": "summary", "text": "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-40768" }, { "cve": "CVE-2022-41218", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41218" }, { "cve": "CVE-2022-41222", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41222" }, { "cve": "CVE-2022-41674", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41674" }, { "cve": "CVE-2022-41849", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41849" }, { "cve": "CVE-2022-41850", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report-\u003evalue is in progress.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-41850" }, { "cve": "CVE-2022-42328", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42328" }, { "cve": "CVE-2022-42329", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42329" }, { "cve": "CVE-2022-42432", "cwe": { "id": "CWE-457", "name": "Use of Uninitialized Variable" }, "notes": [ { "category": "summary", "text": "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42432" }, { "cve": "CVE-2022-42703", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42703" }, { "cve": "CVE-2022-42719", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42719" }, { "cve": "CVE-2022-42720", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42720" }, { "cve": "CVE-2022-42721", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "summary", "text": "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42721" }, { "cve": "CVE-2022-42722", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42722" }, { "cve": "CVE-2022-42895", "cwe": { "id": "CWE-824", "name": "Access of Uninitialized Pointer" }, "notes": [ { "category": "summary", "text": "There is an infoleak vulnerability in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42895" }, { "cve": "CVE-2022-42896", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "There are use-after-free vulnerabilities in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-42896" }, { "cve": "CVE-2022-43750", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor\u0027s internal memory.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-43750" }, { "cve": "CVE-2022-47518", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-47518" }, { "cve": "CVE-2022-47520", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-47520" }, { "cve": "CVE-2022-47929", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-47929" }, { "cve": "CVE-2022-47946", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-47946" }, { "cve": "CVE-2023-0215", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0215" }, { "cve": "CVE-2023-0286", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0464", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0464" }, { "cve": "CVE-2023-0465", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0465" }, { "cve": "CVE-2023-0466", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0466" }, { "cve": "CVE-2023-0590", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-0590" }, { "cve": "CVE-2023-1077", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-1077" }, { "cve": "CVE-2023-1095", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-1095" }, { "cve": "CVE-2023-1206", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-1206" }, { "cve": "CVE-2023-2898", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-2898" }, { "cve": "CVE-2023-3141", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3141" }, { "cve": "CVE-2023-3268", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3268" }, { "cve": "CVE-2023-3338", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A null pointer dereference flaw was found in the Linux kernel\u0027s DECnet networking protocol. This issue could allow a remote user to crash the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3338" }, { "cve": "CVE-2023-3389", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59` \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3389" }, { "cve": "CVE-2023-3446", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "summary", "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3446" }, { "cve": "CVE-2023-3609", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3609" }, { "cve": "CVE-2023-3610", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3610" }, { "cve": "CVE-2023-3611", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3611" }, { "cve": "CVE-2023-3772", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3772" }, { "cve": "CVE-2023-3773", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3773" }, { "cve": "CVE-2023-3777", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-3777" }, { "cve": "CVE-2023-4004", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4004" }, { "cve": "CVE-2023-4015", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4015" }, { "cve": "CVE-2023-4273", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4273" }, { "cve": "CVE-2023-4623", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4623" }, { "cve": "CVE-2023-4911", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4911" }, { "cve": "CVE-2023-4921", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-4921" }, { "cve": "CVE-2023-5178", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-5178" }, { "cve": "CVE-2023-5197", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-5197" }, { "cve": "CVE-2023-5678", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-5678" }, { "cve": "CVE-2023-5717", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-5717" }, { "cve": "CVE-2023-6606", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-6606" }, { "cve": "CVE-2023-6931", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-6931" }, { "cve": "CVE-2023-6932", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-6932" }, { "cve": "CVE-2023-7008", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-7008" }, { "cve": "CVE-2023-7104", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-7104" }, { "cve": "CVE-2023-23454", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-23454" }, { "cve": "CVE-2023-23455", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-23455" }, { "cve": "CVE-2023-23559", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-23559" }, { "cve": "CVE-2023-26607", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-26607" }, { "cve": "CVE-2023-31085", "cwe": { "id": "CWE-369", "name": "Divide By Zero" }, "notes": [ { "category": "summary", "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-31085" }, { "cve": "CVE-2023-31436", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-31436" }, { "cve": "CVE-2023-32233", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-32233" }, { "cve": "CVE-2023-35001", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-35001" }, { "cve": "CVE-2023-35827", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-35827" }, { "cve": "CVE-2023-36660", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-36660" }, { "cve": "CVE-2023-37453", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-37453" }, { "cve": "CVE-2023-39189", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-39189" }, { "cve": "CVE-2023-39192", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-39192" }, { "cve": "CVE-2023-39193", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-39193" }, { "cve": "CVE-2023-39194", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-39194" }, { "cve": "CVE-2023-42753", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-42753" }, { "cve": "CVE-2023-42754", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-42754" }, { "cve": "CVE-2023-42755", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-42755" }, { "cve": "CVE-2023-45863", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-45863" }, { "cve": "CVE-2023-45871", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "notes": [ { "category": "summary", "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-45871" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "summary", "text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2023-50495", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-50495" }, { "cve": "CVE-2023-51384", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "summary", "text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-51385" }, { "cve": "CVE-2023-51767", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2023-51767" }, { "cve": "CVE-2024-0232", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0232" }, { "cve": "CVE-2024-0553", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0553" }, { "cve": "CVE-2024-0567", "cwe": { "id": "CWE-347", "name": "Improper Verification of Cryptographic Signature" }, "notes": [ { "category": "summary", "text": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0567" }, { "cve": "CVE-2024-0584", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0584" }, { "cve": "CVE-2024-0684", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "summary", "text": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-0684" }, { "cve": "CVE-2024-22365", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-22365" }, { "cve": "CVE-2024-25062", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V1.1 or later version", "product_ids": [ "1" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/" }, { "category": "workaround", "details": "Only build and run applications from trusted sources", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2024-25062" } ] }
ghsa-5mq4-x9g5-4vc4
Vulnerability from github
Published
2023-12-18 21:30
Modified
2024-03-13 21:31
Severity ?
Details
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
{ "affected": [], "aliases": [ "CVE-2023-51385" ], "database_specific": { "cwe_ids": [ "CWE-78" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-12-18T19:15:08Z", "severity": "CRITICAL" }, "details": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.", "id": "GHSA-5mq4-x9g5-4vc4", "modified": "2024-03-13T21:31:01Z", "published": "2023-12-18T21:30:27Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385" }, { "type": "WEB", "url": "https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202312-17" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20240105-0005" }, { "type": "WEB", "url": "https://support.apple.com/kb/HT214084" }, { "type": "WEB", "url": "https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html" }, { "type": "WEB", "url": "https://www.debian.org/security/2023/dsa-5586" }, { "type": "WEB", "url": "https://www.openssh.com/txt/release-9.6" }, { "type": "WEB", "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" }, { "type": "WEB", "url": "http://seclists.org/fulldisclosure/2024/Mar/21" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2023/12/26/4" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
gsd-2023-51385
Vulnerability from gsd
Modified
2023-12-19 06:01
Details
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
Aliases
{ "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-51385" ], "details": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.", "id": "GSD-2023-51385", "modified": "2023-12-19T06:01:24.388640Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2023-51385", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.openssh.com/txt/release-9.6", "refsource": "MISC", "url": "https://www.openssh.com/txt/release-9.6" }, { "name": "https://www.openwall.com/lists/oss-security/2023/12/18/2", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" }, { "name": "https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a", "refsource": "MISC", "url": "https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a" }, { "name": "DSA-5586", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2023/dsa-5586" }, { "name": "https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html", "refsource": "MISC", "url": "https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html" }, { "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "name": "[oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2023/12/26/4" }, { "name": "GLSA-202312-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202312-17" }, { "name": "https://security.netapp.com/advisory/ntap-20240105-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20240105-0005/" }, { "name": "https://support.apple.com/kb/HT214084", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT214084" }, { "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2024/Mar/21" } ] } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "matchCriteriaId": "5308FBBB-F738-41C5-97A4-E40118E957CD", "versionEndExcluding": "9.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name." }, { "lang": "es", "value": "En ssh en OpenSSH anterior a 9.6, la inyecci\u00f3n de comandos del sistema operativo puede ocurrir si un nombre de usuario o nombre de host tiene metacaracteres de shell, y un token de expansi\u00f3n hace referencia a este nombre en ciertas situaciones. Por ejemplo, un repositorio Git que no es de confianza puede tener un subm\u00f3dulo con metacaracteres de shell en un nombre de usuario o nombre de host." } ], "id": "CVE-2023-51385", "lastModified": "2024-03-13T21:15:55.100", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-18T19:15:08.773", "references": [ { "source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2024/Mar/21" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/26/4" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202312-17" }, { "source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20240105-0005/" }, { "source": "cve@mitre.org", "url": "https://support.apple.com/kb/HT214084" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "source": "cve@mitre.org", "tags": [ "Release Notes" ], "url": "https://www.openssh.com/txt/release-9.6" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Release Notes" ], "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] } } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.