Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-6481
Vulnerability from cvelistv5
Published
2023-12-04 08:35
Modified
2024-08-02 08:28
Severity ?
EPSS score ?
Summary
A serialization vulnerability in logback receiver component part of
logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service
attack by sending poisoned data.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | QOS.CH Sarl | logback | |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:28:21.829Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://logback.qos.ch/news.html#1.3.12" }, { "tags": [ "x_transferred" ], "url": "https://logback.qos.ch/news.html#1.3.14" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "modules": [ "logback receiver" ], "platforms": [ "Windows", "Linux", "MacOS" ], "product": "logback", "repo": "https://github.com/qos-ch/logback", "vendor": "QOS.CH Sarl", "versions": [ { "status": "unaffected", "version": "1.4.14" }, { "status": "unaffected", "version": "1.3.14" }, { "status": "unaffected", "version": "1.2.13" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\u003cpre\u003eThe attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\u003cbr\u003eOnly environments where logback receiver is deployed are vulnerable. \u003cbr\u003e\u003c/pre\u003e\n\n" } ], "value": "The attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\nOnly environments where logback receiver is deployed are vulnerable. \n\n\n\n\n" } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Yakov Shafranovich, Amazon Web Services" }, { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Camilo Aparecido Ferri Moreira" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\nA serialization vulnerability in logback receiver component part of \nlogback version 1.4.13,\u0026nbsp;1.3.13 and\u0026nbsp;1.2.12 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n" } ], "value": "A serialization vulnerability in logback receiver component part of \nlogback version 1.4.13,\u00a01.3.13 and\u00a01.2.12 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n" } ], "impacts": [ { "descriptions": [ { "lang": "en", "value": "Excessive CPU or memory usage on the host where a logback receiver component is deployed" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial-of-service using poisoned data", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-04T08:35:44.396Z", "orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch" }, "references": [ { "url": "https://logback.qos.ch/news.html#1.3.12" }, { "url": "https://logback.qos.ch/news.html#1.3.14" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Only environments where logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.14, 1.3.14, 1.2.13 or later will remedy the vulnerability.\u003cbr\u003e\u003cbr\u003eIf you do not need to deploy logback-receiver, then please verify that you do not have any \u0026lt;receiver\u0026gt;\u0026lt;/receiver\u0026gt; entries in your configuration files.\u003cbr\u003e" } ], "value": "Only environments where logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.14, 1.3.14, 1.2.13 or later will remedy the vulnerability.\n\nIf you do not need to deploy logback-receiver, then please verify that you do not have any \u003creceiver\u003e\u003c/receiver\u003e entries in your configuration files.\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Logback \"receiver\" DOS vulnerability CVE-2023-6378 incomplete fix", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Logback versions 1.2.13 and later, 1.3.14 \nand later\u0026nbsp; or 1.4.14 \nand later\n\nprovides fixes. However, please note that these fixes are only effective when deployed under Java 9 or later.\u003cbr\u003e" } ], "value": "Logback versions 1.2.13 and later, 1.3.14 \nand later\u00a0 or 1.4.14 \nand later\n\nprovides fixes. However, please note that these fixes are only effective when deployed under Java 9 or later.\n" } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "assignerShortName": "NCSC.ch", "cveId": "CVE-2023-6481", "datePublished": "2023-12-04T08:35:44.396Z", "dateReserved": "2023-12-04T08:34:29.742Z", "dateUpdated": "2024-08-02T08:28:21.829Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-6481\",\"sourceIdentifier\":\"vulnerability@ncsc.ch\",\"published\":\"2023-12-04T09:15:37.250\",\"lastModified\":\"2024-11-21T08:43:56.147\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A serialization vulnerability in logback receiver component part of \\nlogback version 1.4.13,\u00a01.3.13 and\u00a01.2.12 allows an attacker to mount a Denial-Of-Service \\nattack by sending poisoned data.\\n\\n\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de serializaci\u00f3n en el componente Logback Receiver. Las versiones 1.4.13, 1.3.13 y 1.2.12 de Logback permite a un atacante montar un ataque de denegaci\u00f3n de servicio enviando datos envenenados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"vulnerability@ncsc.ch\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qos:logback:1.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"096CE0E0-9128-42CE-9047-DC0E8575920B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qos:logback:1.3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9E58AB3-AC12-4C3F-A8A3-A49512F276E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qos:logback:1.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F59BD62-E471-4F2E-A21C-DF6B5950720C\"}]}]}],\"references\":[{\"url\":\"https://logback.qos.ch/news.html#1.3.12\",\"source\":\"vulnerability@ncsc.ch\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://logback.qos.ch/news.html#1.3.14\",\"source\":\"vulnerability@ncsc.ch\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://logback.qos.ch/news.html#1.3.12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://logback.qos.ch/news.html#1.3.14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]}]}}" } }
ghsa-gm62-rw4g-vrc4
Vulnerability from github
Published
2023-12-04 09:30
Modified
2023-12-08 15:06
Severity ?
Summary
Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned data
Details
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "ch.qos.logback:logback-core" }, "ranges": [ { "events": [ { "introduced": "1.4.13" }, { "fixed": "1.4.14" } ], "type": "ECOSYSTEM" } ], "versions": [ "1.4.13" ] }, { "package": { "ecosystem": "Maven", "name": "ch.qos.logback:logback-core" }, "ranges": [ { "events": [ { "introduced": "1.3.13" }, { "fixed": "1.3.14" } ], "type": "ECOSYSTEM" } ], "versions": [ "1.3.13" ] }, { "package": { "ecosystem": "Maven", "name": "ch.qos.logback:logback-core" }, "ranges": [ { "events": [ { "introduced": "1.2.12" }, { "fixed": "1.2.13" } ], "type": "ECOSYSTEM" } ], "versions": [ "1.2.12" ] } ], "aliases": [ "CVE-2023-6481" ], "database_specific": { "cwe_ids": [], "github_reviewed": true, "github_reviewed_at": "2023-12-08T15:06:33Z", "nvd_published_at": "2023-12-04T09:15:37Z", "severity": "HIGH" }, "details": "A serialization vulnerability in logback receiver component part of logback version 1.4.13,\u00a01.3.13 and\u00a01.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.\n", "id": "GHSA-gm62-rw4g-vrc4", "modified": "2023-12-08T15:06:33Z", "published": "2023-12-04T09:30:23Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481" }, { "type": "WEB", "url": "https://github.com/qos-ch/logback/commit/7018a3609c7bcc9dc7bf5903509901a986e5f578" }, { "type": "WEB", "url": "https://github.com/qos-ch/logback/commit/c612b2fa3caf6eef3c75f1cd5859438451d0fd6f" }, { "type": "PACKAGE", "url": "https://github.com/qos-ch/logback" }, { "type": "WEB", "url": "https://logback.qos.ch/news.html#1.3.12" }, { "type": "WEB", "url": "https://logback.qos.ch/news.html#1.3.14" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned data" }
gsd-2023-6481
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
A serialization vulnerability in logback receiver component part of
logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service
attack by sending poisoned data.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2023-6481", "id": "GSD-2023-6481" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-6481" ], "details": "A serialization vulnerability in logback receiver component part of \nlogback version 1.4.13,\u00a01.3.13 and\u00a01.2.12 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n", "id": "GSD-2023-6481", "modified": "2023-12-13T01:20:32.848943Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "vulnerability@ncsc.ch", "ID": "CVE-2023-6481", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "logback", "version": { "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { "defaultStatus": "unaffected", "versions": [ { "status": "unaffected", "version": "1.4.14" }, { "status": "unaffected", "version": "1.3.14" }, { "status": "unaffected", "version": "1.2.13" } ] } } ] } } ] }, "vendor_name": "QOS.CH Sarl" } ] } }, "configuration": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\u003cpre\u003eThe attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\u003cbr\u003eOnly environments where logback receiver is deployed are vulnerable. \u003cbr\u003e\u003c/pre\u003e\n\n" } ], "value": "The attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\nOnly environments where logback receiver is deployed are vulnerable. \n\n\n\n\n" } ], "credits": [ { "lang": "en", "value": "Yakov Shafranovich, Amazon Web Services" }, { "lang": "en", "value": "Camilo Aparecido Ferri Moreira" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A serialization vulnerability in logback receiver component part of \nlogback version 1.4.13,\u00a01.3.13 and\u00a01.2.12 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n" } ] }, "generator": { "engine": "Vulnogram 0.1.0-dev" }, "impact": { "cvss": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial-of-service using poisoned data" } ] } ] }, "references": { "reference_data": [ { "name": "https://logback.qos.ch/news.html#1.3.12", "refsource": "MISC", "url": "https://logback.qos.ch/news.html#1.3.12" }, { "name": "https://logback.qos.ch/news.html#1.3.14", "refsource": "MISC", "url": "https://logback.qos.ch/news.html#1.3.14" } ] }, "solution": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Only environments where logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.14, 1.3.14, 1.2.13 or later will remedy the vulnerability.\u003cbr\u003e\u003cbr\u003eIf you do not need to deploy logback-receiver, then please verify that you do not have any \u0026lt;receiver\u0026gt;\u0026lt;/receiver\u0026gt; entries in your configuration files.\u003cbr\u003e" } ], "value": "Only environments where logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.14, 1.3.14, 1.2.13 or later will remedy the vulnerability.\n\nIf you do not need to deploy logback-receiver, then please verify that you do not have any \u003creceiver\u003e\u003c/receiver\u003e entries in your configuration files.\n" } ], "source": { "discovery": "UNKNOWN" }, "work_around": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Logback versions 1.2.13 and later, 1.3.14 \nand later\u0026nbsp; or 1.4.14 \nand later\n\nprovides fixes. However, please note that these fixes are only effective when deployed under Java 9 or later.\u003cbr\u003e" } ], "value": "Logback versions 1.2.13 and later, 1.3.14 \nand later\u00a0 or 1.4.14 \nand later\n\nprovides fixes. However, please note that these fixes are only effective when deployed under Java 9 or later.\n" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:qos:logback:1.2.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qos:logback:1.3.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qos:logback:1.4.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "vulnerability@ncsc.ch", "ID": "CVE-2023-6481" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "A serialization vulnerability in logback receiver component part of \nlogback version 1.4.13,\u00a01.3.13 and\u00a01.2.12 allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "https://logback.qos.ch/news.html#1.3.12", "refsource": "", "tags": [ "Release Notes" ], "url": "https://logback.qos.ch/news.html#1.3.12" }, { "name": "https://logback.qos.ch/news.html#1.3.14", "refsource": "", "tags": [ "Release Notes" ], "url": "https://logback.qos.ch/news.html#1.3.14" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2023-12-07T19:57Z", "publishedDate": "2023-12-04T09:15Z" } } }
icsa-24-228-06
Vulnerability from csaf_cisa
Published
2024-08-13 00:00
Modified
2024-08-13 00:00
Summary
Siemens SINEC NMS
Notes
Summary
SINEC NMS before V3.0 is affected by multiple vulnerabilities.
Siemens has released a new version for SINEC NMS and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ "document": { "acknowledgments": [ { "organization": "Siemens ProductCERT", "summary": "reporting these vulnerabilities to CISA." } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "SINEC NMS before V3.0 is affected by multiple vulnerabilities.\n\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version.", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", "title": "Terms of Use" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "other", "text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.", "title": "Advisory Conversion Disclaimer" }, { "category": "other", "text": "Multiple", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" } ], "publisher": { "category": "other", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "SSA-784301: Multiple Vulnerabilities in SINEC NMS Before V3.0 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-784301.json" }, { "category": "self", "summary": "SSA-784301: Multiple Vulnerabilities in SINEC NMS Before V3.0 - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" }, { "category": "self", "summary": "ICS Advisory ICSA-24-228-06 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-228-06.json" }, { "category": "self", "summary": "ICS Advisory ICSA-24-228-06 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-06" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Siemens SINEC NMS", "tracking": { "current_release_date": "2024-08-13T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1" } }, "id": "ICSA-24-228-06", "initial_release_date": "2024-08-13T00:00:00.000000Z", "revision_history": [ { "date": "2024-08-13T00:00:00.000000Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003cV3.0", "product": { "name": "SINEC NMS", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SINEC NMS" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-4611", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-4611" }, { "cve": "CVE-2023-5868", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-5868" }, { "cve": "CVE-2023-5869", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-5869" }, { "cve": "CVE-2023-5870", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-5870" }, { "cve": "CVE-2023-6378", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-6378" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-6481" }, { "cve": "CVE-2023-31122", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-31122" }, { "cve": "CVE-2023-34050", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes could be deserialized. Specifically, an application is vulnerable if \r\n\r\n * the SimpleMessageConverter or SerializerMessageConverter is used \r\n * the user does not configure allowed list patterns \r\n * untrusted message originators gain permissions to write messages to the RabbitMQ broker to send malicious content.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-34050" }, { "cve": "CVE-2023-39615", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\u0027s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-39615" }, { "cve": "CVE-2023-42794", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Incomplete Cleanup vulnerability in Apache Tomcat.\r\n\r\nThe internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, \r\nin progress refactoring that exposed a potential denial of service on \r\nWindows if a web application opened a stream for an uploaded file but \r\nfailed to close the stream. The file would never be deleted from disk \r\ncreating the possibility of an eventual denial of service due to the \r\ndisk being full.\r\n\r\nUsers are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-42794" }, { "cve": "CVE-2023-42795", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could \r\ncause Tomcat to skip some parts of the recycling process leading to \r\ninformation leaking from the current request/response to the next.\r\n\r\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-42795" }, { "cve": "CVE-2023-43622", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\r\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\r\n\r\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\r\n\r\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-43622" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45648", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat\u00a0from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially \r\ncrafted, invalid trailer header could cause Tomcat to treat a single \r\nrequest as multiple requests leading to the possibility of request \r\nsmuggling when behind a reverse proxy.\r\n\r\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-45648" }, { "cve": "CVE-2023-45802", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request\u0027s memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\r\n\r\nThis was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\r\n\r\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-45802" }, { "cve": "CVE-2023-46120", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-46120" }, { "cve": "CVE-2023-46280", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-46280" }, { "cve": "CVE-2023-46589", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-46589" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "summary", "text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-0985", "cwe": { "id": "CWE-271", "name": "Privilege Dropping / Lowering Errors" }, "notes": [ { "category": "summary", "text": "Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker\u0027s roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker\u0027s materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-0985" }, { "cve": "CVE-2024-25062", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-25062" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "summary", "text": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28757", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "summary", "text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-28757" }, { "cve": "CVE-2024-36398", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "notes": [ { "category": "summary", "text": "The affected application executes a subset of its services as `NT AUTHORITY\\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-36398" }, { "cve": "CVE-2024-41938", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "summary", "text": "The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-41938" }, { "cve": "CVE-2024-41939", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-41939" }, { "cve": "CVE-2024-41940", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-41940" }, { "cve": "CVE-2024-41941", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-41941" } ] }
ICSA-24-228-06
Vulnerability from csaf_cisa
Published
2024-08-13 00:00
Modified
2024-08-13 00:00
Summary
Siemens SINEC NMS
Notes
Summary
SINEC NMS before V3.0 is affected by multiple vulnerabilities.
Siemens has released a new version for SINEC NMS and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ "document": { "acknowledgments": [ { "organization": "Siemens ProductCERT", "summary": "reporting these vulnerabilities to CISA." } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "SINEC NMS before V3.0 is affected by multiple vulnerabilities.\n\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version.", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", "title": "Terms of Use" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "other", "text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.", "title": "Advisory Conversion Disclaimer" }, { "category": "other", "text": "Multiple", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" } ], "publisher": { "category": "other", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "SSA-784301: Multiple Vulnerabilities in SINEC NMS Before V3.0 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-784301.json" }, { "category": "self", "summary": "SSA-784301: Multiple Vulnerabilities in SINEC NMS Before V3.0 - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" }, { "category": "self", "summary": "ICS Advisory ICSA-24-228-06 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-228-06.json" }, { "category": "self", "summary": "ICS Advisory ICSA-24-228-06 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-06" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Siemens SINEC NMS", "tracking": { "current_release_date": "2024-08-13T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1" } }, "id": "ICSA-24-228-06", "initial_release_date": "2024-08-13T00:00:00.000000Z", "revision_history": [ { "date": "2024-08-13T00:00:00.000000Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003cV3.0", "product": { "name": "SINEC NMS", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SINEC NMS" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-4611", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-4611" }, { "cve": "CVE-2023-5868", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-5868" }, { "cve": "CVE-2023-5869", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-5869" }, { "cve": "CVE-2023-5870", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-5870" }, { "cve": "CVE-2023-6378", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-6378" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-6481" }, { "cve": "CVE-2023-31122", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-31122" }, { "cve": "CVE-2023-34050", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes could be deserialized. Specifically, an application is vulnerable if \r\n\r\n * the SimpleMessageConverter or SerializerMessageConverter is used \r\n * the user does not configure allowed list patterns \r\n * untrusted message originators gain permissions to write messages to the RabbitMQ broker to send malicious content.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-34050" }, { "cve": "CVE-2023-39615", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\u0027s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-39615" }, { "cve": "CVE-2023-42794", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Incomplete Cleanup vulnerability in Apache Tomcat.\r\n\r\nThe internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, \r\nin progress refactoring that exposed a potential denial of service on \r\nWindows if a web application opened a stream for an uploaded file but \r\nfailed to close the stream. The file would never be deleted from disk \r\ncreating the possibility of an eventual denial of service due to the \r\ndisk being full.\r\n\r\nUsers are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-42794" }, { "cve": "CVE-2023-42795", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could \r\ncause Tomcat to skip some parts of the recycling process leading to \r\ninformation leaking from the current request/response to the next.\r\n\r\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-42795" }, { "cve": "CVE-2023-43622", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\r\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\r\n\r\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\r\n\r\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-43622" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45648", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat\u00a0from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially \r\ncrafted, invalid trailer header could cause Tomcat to treat a single \r\nrequest as multiple requests leading to the possibility of request \r\nsmuggling when behind a reverse proxy.\r\n\r\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-45648" }, { "cve": "CVE-2023-45802", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request\u0027s memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\r\n\r\nThis was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\r\n\r\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-45802" }, { "cve": "CVE-2023-46120", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-46120" }, { "cve": "CVE-2023-46280", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-46280" }, { "cve": "CVE-2023-46589", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-46589" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "summary", "text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-0985", "cwe": { "id": "CWE-271", "name": "Privilege Dropping / Lowering Errors" }, "notes": [ { "category": "summary", "text": "Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker\u0027s roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker\u0027s materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-0985" }, { "cve": "CVE-2024-25062", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-25062" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "summary", "text": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28757", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "summary", "text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-28757" }, { "cve": "CVE-2024-36398", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "notes": [ { "category": "summary", "text": "The affected application executes a subset of its services as `NT AUTHORITY\\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-36398" }, { "cve": "CVE-2024-41938", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "summary", "text": "The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-41938" }, { "cve": "CVE-2024-41939", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-41939" }, { "cve": "CVE-2024-41940", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-41940" }, { "cve": "CVE-2024-41941", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V3.0 or later version", "product_ids": [ "CSAFPID-0001" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2024-41941" } ] }
ncsc-2024-0332
Vulnerability from csaf_ncscnl
Published
2024-08-13 09:21
Modified
2024-08-13 09:21
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als COMOS, INTRALOG, LOGO!, NX, SCALANCE, SINEC en Teamcenter.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- (Remote) code execution (Administrator/Root rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Spoofing
- Verhoogde gebruikersrechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-125
Out-of-bounds Read
CWE-20
Improper Input Validation
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-250
Execution with Unnecessary Privileges
CWE-256
Plaintext Storage of a Password
CWE-269
Improper Privilege Management
CWE-284
Improper Access Control
CWE-307
Improper Restriction of Excessive Authentication Attempts
CWE-326
Inadequate Encryption Strength
CWE-358
Improperly Implemented Security Check for Standard
CWE-488
Exposure of Data Element to Wrong Session
CWE-521
Weak Password Requirements
CWE-524
Use of Cache Containing Sensitive Information
CWE-532
Insertion of Sensitive Information into Log File
CWE-863
Incorrect Authorization
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als COMOS, INTRALOG, LOGO!, NX, SCALANCE, SINEC en Teamcenter.", "title": "Feiten" }, { "category": "description", "text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Spoofing\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.", "title": "Interpretaties" }, { "category": "description", "text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "title": "CWE-22" }, { "category": "general", "text": "Execution with Unnecessary Privileges", "title": "CWE-250" }, { "category": "general", "text": "Plaintext Storage of a Password", "title": "CWE-256" }, { "category": "general", "text": "Improper Privilege Management", "title": "CWE-269" }, { "category": "general", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "general", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" }, { "category": "general", "text": "Inadequate Encryption Strength", "title": "CWE-326" }, { "category": "general", "text": "Improperly Implemented Security Check for Standard", "title": "CWE-358" }, { "category": "general", "text": "Exposure of Data Element to Wrong Session", "title": "CWE-488" }, { "category": "general", "text": "Weak Password Requirements", "title": "CWE-521" }, { "category": "general", "text": "Use of Cache Containing Sensitive Information", "title": "CWE-524" }, { "category": "general", "text": "Insertion of Sensitive Information into Log File", "title": "CWE-532" }, { "category": "general", "text": "Incorrect Authorization", "title": "CWE-863" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-087301.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-357412.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-417547.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-659443.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-716317.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-720392.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784301.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-856475.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-921449.pdf" } ], "title": "Kwetsbaarheden verholpen in Siemens producten", "tracking": { "current_release_date": "2024-08-13T09:21:28.381575Z", "id": "NCSC-2024-0332", "initial_release_date": "2024-08-13T09:21:28.381575Z", "revision_history": [ { "date": "2024-08-13T09:21:28.381575Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "vulnerabilities": [ { "cve": "CVE-2023-4611", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2023-4611", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4611.json" } ], "title": "CVE-2023-4611" }, { "cve": "CVE-2023-5180", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "references": [ { "category": "self", "summary": "CVE-2023-5180", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5180.json" } ], "title": "CVE-2023-5180" }, { "cve": "CVE-2023-5868", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Function Call With Incorrect Argument Type", "title": "CWE-686" } ], "references": [ { "category": "self", "summary": "CVE-2023-5868", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5868.json" } ], "title": "CVE-2023-5868" }, { "cve": "CVE-2023-5869", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "references": [ { "category": "self", "summary": "CVE-2023-5869", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5869.json" } ], "title": "CVE-2023-5869" }, { "cve": "CVE-2023-5870", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-5870", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5870.json" } ], "title": "CVE-2023-5870" }, { "cve": "CVE-2023-6378", "cwe": { "id": "CWE-499", "name": "Serializable Class Containing Sensitive Data" }, "notes": [ { "category": "other", "text": "Serializable Class Containing Sensitive Data", "title": "CWE-499" } ], "references": [ { "category": "self", "summary": "CVE-2023-6378", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6378.json" } ], "title": "CVE-2023-6378" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-6481", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6481.json" } ], "title": "CVE-2023-6481" }, { "cve": "CVE-2023-26495", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2023-26495", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26495.json" } ], "title": "CVE-2023-26495" }, { "cve": "CVE-2023-31122", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2023-31122", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-31122.json" } ], "title": "CVE-2023-31122" }, { "cve": "CVE-2023-34050", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" } ], "references": [ { "category": "self", "summary": "CVE-2023-34050", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34050.json" } ], "title": "CVE-2023-34050" }, { "cve": "CVE-2023-39615", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "references": [ { "category": "self", "summary": "CVE-2023-39615", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39615.json" } ], "title": "CVE-2023-39615" }, { "cve": "CVE-2023-42794", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "other", "text": "Incomplete Cleanup", "title": "CWE-459" } ], "references": [ { "category": "self", "summary": "CVE-2023-42794", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42794.json" } ], "title": "CVE-2023-42794" }, { "cve": "CVE-2023-42795", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "other", "text": "Incomplete Cleanup", "title": "CWE-459" } ], "references": [ { "category": "self", "summary": "CVE-2023-42795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json" } ], "title": "CVE-2023-42795" }, { "cve": "CVE-2023-43622", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-43622", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43622.json" } ], "title": "CVE-2023-43622" }, { "cve": "CVE-2023-44321", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-44321", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44321.json" } ], "title": "CVE-2023-44321" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-44487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json" } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45648", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2023-45648", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json" } ], "title": "CVE-2023-45648" }, { "cve": "CVE-2023-45802", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-45802", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45802.json" } ], "title": "CVE-2023-45802" }, { "cve": "CVE-2023-46120", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-46120", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46120.json" } ], "title": "CVE-2023-46120" }, { "cve": "CVE-2023-46280", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2023-46280", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46280.json" } ], "title": "CVE-2023-46280" }, { "cve": "CVE-2023-46589", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "notes": [ { "category": "other", "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)", "title": "CWE-444" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2023-46589", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json" } ], "title": "CVE-2023-46589" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-52425", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json" } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" } ], "references": [ { "category": "self", "summary": "CVE-2023-52426", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json" } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-0056", "cwe": { "id": "CWE-420", "name": "Unprotected Alternate Channel" }, "notes": [ { "category": "other", "text": "Unprotected Alternate Channel", "title": "CWE-420" }, { "category": "other", "text": "Cleartext Transmission of Sensitive Information", "title": "CWE-319" } ], "references": [ { "category": "self", "summary": "CVE-2024-0056", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0056.json" } ], "title": "CVE-2024-0056" }, { "cve": "CVE-2024-0985", "cwe": { "id": "CWE-271", "name": "Privilege Dropping / Lowering Errors" }, "notes": [ { "category": "other", "text": "Privilege Dropping / Lowering Errors", "title": "CWE-271" } ], "references": [ { "category": "self", "summary": "CVE-2024-0985", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0985.json" } ], "title": "CVE-2024-0985" }, { "cve": "CVE-2024-25062", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2024-25062", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json" } ], "title": "CVE-2024-25062" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "references": [ { "category": "self", "summary": "CVE-2024-28182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json" } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28757", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-28757", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28757.json" } ], "title": "CVE-2024-28757" }, { "cve": "CVE-2024-30045", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "references": [ { "category": "self", "summary": "CVE-2024-30045", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30045.json" } ], "title": "CVE-2024-30045" }, { "cve": "CVE-2024-32635", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-32635", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32635.json" } ], "title": "CVE-2024-32635" }, { "cve": "CVE-2024-32636", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-32636", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32636.json" } ], "title": "CVE-2024-32636" }, { "cve": "CVE-2024-32637", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "references": [ { "category": "self", "summary": "CVE-2024-32637", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32637.json" } ], "title": "CVE-2024-32637" }, { "cve": "CVE-2024-36398", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "notes": [ { "category": "other", "text": "Execution with Unnecessary Privileges", "title": "CWE-250" } ], "references": [ { "category": "self", "summary": "CVE-2024-36398", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36398.json" } ], "title": "CVE-2024-36398" }, { "cve": "CVE-2024-39922", "cwe": { "id": "CWE-256", "name": "Plaintext Storage of a Password" }, "notes": [ { "category": "other", "text": "Plaintext Storage of a Password", "title": "CWE-256" } ], "references": [ { "category": "self", "summary": "CVE-2024-39922", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39922.json" } ], "title": "CVE-2024-39922" }, { "cve": "CVE-2024-41681", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "other", "text": "Inadequate Encryption Strength", "title": "CWE-326" } ], "references": [ { "category": "self", "summary": "CVE-2024-41681", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41681.json" } ], "title": "CVE-2024-41681" }, { "cve": "CVE-2024-41682", "cwe": { "id": "CWE-307", "name": "Improper Restriction of Excessive Authentication Attempts" }, "notes": [ { "category": "other", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" } ], "references": [ { "category": "self", "summary": "CVE-2024-41682", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41682.json" } ], "title": "CVE-2024-41682" }, { "cve": "CVE-2024-41683", "cwe": { "id": "CWE-521", "name": "Weak Password Requirements" }, "notes": [ { "category": "other", "text": "Weak Password Requirements", "title": "CWE-521" } ], "references": [ { "category": "self", "summary": "CVE-2024-41683", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41683.json" } ], "title": "CVE-2024-41683" }, { "cve": "CVE-2024-41903", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "other", "text": "Improper Privilege Management", "title": "CWE-269" } ], "references": [ { "category": "self", "summary": "CVE-2024-41903", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41903.json" } ], "title": "CVE-2024-41903" }, { "cve": "CVE-2024-41904", "cwe": { "id": "CWE-307", "name": "Improper Restriction of Excessive Authentication Attempts" }, "notes": [ { "category": "other", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" } ], "references": [ { "category": "self", "summary": "CVE-2024-41904", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41904.json" } ], "title": "CVE-2024-41904" }, { "cve": "CVE-2024-41905", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" } ], "references": [ { "category": "self", "summary": "CVE-2024-41905", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41905.json" } ], "title": "CVE-2024-41905" }, { "cve": "CVE-2024-41906", "cwe": { "id": "CWE-524", "name": "Use of Cache Containing Sensitive Information" }, "notes": [ { "category": "other", "text": "Use of Cache Containing Sensitive Information", "title": "CWE-524" } ], "references": [ { "category": "self", "summary": "CVE-2024-41906", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41906.json" } ], "title": "CVE-2024-41906" }, { "cve": "CVE-2024-41907", "cwe": { "id": "CWE-358", "name": "Improperly Implemented Security Check for Standard" }, "notes": [ { "category": "other", "text": "Improperly Implemented Security Check for Standard", "title": "CWE-358" } ], "references": [ { "category": "self", "summary": "CVE-2024-41907", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41907.json" } ], "title": "CVE-2024-41907" }, { "cve": "CVE-2024-41908", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-41908", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41908.json" } ], "title": "CVE-2024-41908" }, { "cve": "CVE-2024-41938", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "other", "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "title": "CWE-22" } ], "references": [ { "category": "self", "summary": "CVE-2024-41938", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41938.json" } ], "title": "CVE-2024-41938" }, { "cve": "CVE-2024-41939", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "other", "text": "Incorrect Authorization", "title": "CWE-863" } ], "references": [ { "category": "self", "summary": "CVE-2024-41939", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41939.json" } ], "title": "CVE-2024-41939" }, { "cve": "CVE-2024-41940", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-41940", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41940.json" } ], "title": "CVE-2024-41940" }, { "cve": "CVE-2024-41941", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "other", "text": "Incorrect Authorization", "title": "CWE-863" } ], "references": [ { "category": "self", "summary": "CVE-2024-41941", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41941.json" } ], "title": "CVE-2024-41941" }, { "cve": "CVE-2024-41976", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-41976", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41976.json" } ], "title": "CVE-2024-41976" }, { "cve": "CVE-2024-41977", "cwe": { "id": "CWE-488", "name": "Exposure of Data Element to Wrong Session" }, "notes": [ { "category": "other", "text": "Exposure of Data Element to Wrong Session", "title": "CWE-488" } ], "references": [ { "category": "self", "summary": "CVE-2024-41977", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41977.json" } ], "title": "CVE-2024-41977" }, { "cve": "CVE-2024-41978", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "notes": [ { "category": "other", "text": "Insertion of Sensitive Information into Log File", "title": "CWE-532" } ], "references": [ { "category": "self", "summary": "CVE-2024-41978", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41978.json" } ], "title": "CVE-2024-41978" } ] }
NCSC-2024-0332
Vulnerability from csaf_ncscnl
Published
2024-08-13 09:21
Modified
2024-08-13 09:21
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als COMOS, INTRALOG, LOGO!, NX, SCALANCE, SINEC en Teamcenter.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- (Remote) code execution (Administrator/Root rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Spoofing
- Verhoogde gebruikersrechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-125
Out-of-bounds Read
CWE-20
Improper Input Validation
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-250
Execution with Unnecessary Privileges
CWE-256
Plaintext Storage of a Password
CWE-269
Improper Privilege Management
CWE-284
Improper Access Control
CWE-307
Improper Restriction of Excessive Authentication Attempts
CWE-326
Inadequate Encryption Strength
CWE-358
Improperly Implemented Security Check for Standard
CWE-488
Exposure of Data Element to Wrong Session
CWE-521
Weak Password Requirements
CWE-524
Use of Cache Containing Sensitive Information
CWE-532
Insertion of Sensitive Information into Log File
CWE-863
Incorrect Authorization
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als COMOS, INTRALOG, LOGO!, NX, SCALANCE, SINEC en Teamcenter.", "title": "Feiten" }, { "category": "description", "text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Spoofing\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.", "title": "Interpretaties" }, { "category": "description", "text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "title": "CWE-22" }, { "category": "general", "text": "Execution with Unnecessary Privileges", "title": "CWE-250" }, { "category": "general", "text": "Plaintext Storage of a Password", "title": "CWE-256" }, { "category": "general", "text": "Improper Privilege Management", "title": "CWE-269" }, { "category": "general", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "general", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" }, { "category": "general", "text": "Inadequate Encryption Strength", "title": "CWE-326" }, { "category": "general", "text": "Improperly Implemented Security Check for Standard", "title": "CWE-358" }, { "category": "general", "text": "Exposure of Data Element to Wrong Session", "title": "CWE-488" }, { "category": "general", "text": "Weak Password Requirements", "title": "CWE-521" }, { "category": "general", "text": "Use of Cache Containing Sensitive Information", "title": "CWE-524" }, { "category": "general", "text": "Insertion of Sensitive Information into Log File", "title": "CWE-532" }, { "category": "general", "text": "Incorrect Authorization", "title": "CWE-863" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-087301.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-357412.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-417547.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-659443.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-716317.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-720392.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784301.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-856475.pdf" }, { "category": "external", "summary": "Reference - ncscclear", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-921449.pdf" } ], "title": "Kwetsbaarheden verholpen in Siemens producten", "tracking": { "current_release_date": "2024-08-13T09:21:28.381575Z", "id": "NCSC-2024-0332", "initial_release_date": "2024-08-13T09:21:28.381575Z", "revision_history": [ { "date": "2024-08-13T09:21:28.381575Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "vulnerabilities": [ { "cve": "CVE-2023-4611", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2023-4611", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4611.json" } ], "title": "CVE-2023-4611" }, { "cve": "CVE-2023-5180", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "references": [ { "category": "self", "summary": "CVE-2023-5180", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5180.json" } ], "title": "CVE-2023-5180" }, { "cve": "CVE-2023-5868", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Function Call With Incorrect Argument Type", "title": "CWE-686" } ], "references": [ { "category": "self", "summary": "CVE-2023-5868", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5868.json" } ], "title": "CVE-2023-5868" }, { "cve": "CVE-2023-5869", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "references": [ { "category": "self", "summary": "CVE-2023-5869", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5869.json" } ], "title": "CVE-2023-5869" }, { "cve": "CVE-2023-5870", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-5870", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5870.json" } ], "title": "CVE-2023-5870" }, { "cve": "CVE-2023-6378", "cwe": { "id": "CWE-499", "name": "Serializable Class Containing Sensitive Data" }, "notes": [ { "category": "other", "text": "Serializable Class Containing Sensitive Data", "title": "CWE-499" } ], "references": [ { "category": "self", "summary": "CVE-2023-6378", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6378.json" } ], "title": "CVE-2023-6378" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-6481", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6481.json" } ], "title": "CVE-2023-6481" }, { "cve": "CVE-2023-26495", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2023-26495", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26495.json" } ], "title": "CVE-2023-26495" }, { "cve": "CVE-2023-31122", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2023-31122", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-31122.json" } ], "title": "CVE-2023-31122" }, { "cve": "CVE-2023-34050", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" } ], "references": [ { "category": "self", "summary": "CVE-2023-34050", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34050.json" } ], "title": "CVE-2023-34050" }, { "cve": "CVE-2023-39615", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "references": [ { "category": "self", "summary": "CVE-2023-39615", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39615.json" } ], "title": "CVE-2023-39615" }, { "cve": "CVE-2023-42794", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "other", "text": "Incomplete Cleanup", "title": "CWE-459" } ], "references": [ { "category": "self", "summary": "CVE-2023-42794", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42794.json" } ], "title": "CVE-2023-42794" }, { "cve": "CVE-2023-42795", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "notes": [ { "category": "other", "text": "Incomplete Cleanup", "title": "CWE-459" } ], "references": [ { "category": "self", "summary": "CVE-2023-42795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json" } ], "title": "CVE-2023-42795" }, { "cve": "CVE-2023-43622", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-43622", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43622.json" } ], "title": "CVE-2023-43622" }, { "cve": "CVE-2023-44321", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-44321", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44321.json" } ], "title": "CVE-2023-44321" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-44487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json" } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45648", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2023-45648", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json" } ], "title": "CVE-2023-45648" }, { "cve": "CVE-2023-45802", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-45802", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45802.json" } ], "title": "CVE-2023-45802" }, { "cve": "CVE-2023-46120", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-46120", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46120.json" } ], "title": "CVE-2023-46120" }, { "cve": "CVE-2023-46280", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2023-46280", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46280.json" } ], "title": "CVE-2023-46280" }, { "cve": "CVE-2023-46589", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "notes": [ { "category": "other", "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)", "title": "CWE-444" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2023-46589", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json" } ], "title": "CVE-2023-46589" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2023-52425", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json" } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" } ], "references": [ { "category": "self", "summary": "CVE-2023-52426", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json" } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-0056", "cwe": { "id": "CWE-420", "name": "Unprotected Alternate Channel" }, "notes": [ { "category": "other", "text": "Unprotected Alternate Channel", "title": "CWE-420" }, { "category": "other", "text": "Cleartext Transmission of Sensitive Information", "title": "CWE-319" } ], "references": [ { "category": "self", "summary": "CVE-2024-0056", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0056.json" } ], "title": "CVE-2024-0056" }, { "cve": "CVE-2024-0985", "cwe": { "id": "CWE-271", "name": "Privilege Dropping / Lowering Errors" }, "notes": [ { "category": "other", "text": "Privilege Dropping / Lowering Errors", "title": "CWE-271" } ], "references": [ { "category": "self", "summary": "CVE-2024-0985", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0985.json" } ], "title": "CVE-2024-0985" }, { "cve": "CVE-2024-25062", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "references": [ { "category": "self", "summary": "CVE-2024-25062", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json" } ], "title": "CVE-2024-25062" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "references": [ { "category": "self", "summary": "CVE-2024-28182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json" } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28757", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-28757", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28757.json" } ], "title": "CVE-2024-28757" }, { "cve": "CVE-2024-30045", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "references": [ { "category": "self", "summary": "CVE-2024-30045", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30045.json" } ], "title": "CVE-2024-30045" }, { "cve": "CVE-2024-32635", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-32635", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32635.json" } ], "title": "CVE-2024-32635" }, { "cve": "CVE-2024-32636", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-32636", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32636.json" } ], "title": "CVE-2024-32636" }, { "cve": "CVE-2024-32637", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "references": [ { "category": "self", "summary": "CVE-2024-32637", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32637.json" } ], "title": "CVE-2024-32637" }, { "cve": "CVE-2024-36398", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "notes": [ { "category": "other", "text": "Execution with Unnecessary Privileges", "title": "CWE-250" } ], "references": [ { "category": "self", "summary": "CVE-2024-36398", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36398.json" } ], "title": "CVE-2024-36398" }, { "cve": "CVE-2024-39922", "cwe": { "id": "CWE-256", "name": "Plaintext Storage of a Password" }, "notes": [ { "category": "other", "text": "Plaintext Storage of a Password", "title": "CWE-256" } ], "references": [ { "category": "self", "summary": "CVE-2024-39922", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39922.json" } ], "title": "CVE-2024-39922" }, { "cve": "CVE-2024-41681", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "other", "text": "Inadequate Encryption Strength", "title": "CWE-326" } ], "references": [ { "category": "self", "summary": "CVE-2024-41681", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41681.json" } ], "title": "CVE-2024-41681" }, { "cve": "CVE-2024-41682", "cwe": { "id": "CWE-307", "name": "Improper Restriction of Excessive Authentication Attempts" }, "notes": [ { "category": "other", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" } ], "references": [ { "category": "self", "summary": "CVE-2024-41682", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41682.json" } ], "title": "CVE-2024-41682" }, { "cve": "CVE-2024-41683", "cwe": { "id": "CWE-521", "name": "Weak Password Requirements" }, "notes": [ { "category": "other", "text": "Weak Password Requirements", "title": "CWE-521" } ], "references": [ { "category": "self", "summary": "CVE-2024-41683", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41683.json" } ], "title": "CVE-2024-41683" }, { "cve": "CVE-2024-41903", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "other", "text": "Improper Privilege Management", "title": "CWE-269" } ], "references": [ { "category": "self", "summary": "CVE-2024-41903", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41903.json" } ], "title": "CVE-2024-41903" }, { "cve": "CVE-2024-41904", "cwe": { "id": "CWE-307", "name": "Improper Restriction of Excessive Authentication Attempts" }, "notes": [ { "category": "other", "text": "Improper Restriction of Excessive Authentication Attempts", "title": "CWE-307" } ], "references": [ { "category": "self", "summary": "CVE-2024-41904", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41904.json" } ], "title": "CVE-2024-41904" }, { "cve": "CVE-2024-41905", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" } ], "references": [ { "category": "self", "summary": "CVE-2024-41905", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41905.json" } ], "title": "CVE-2024-41905" }, { "cve": "CVE-2024-41906", "cwe": { "id": "CWE-524", "name": "Use of Cache Containing Sensitive Information" }, "notes": [ { "category": "other", "text": "Use of Cache Containing Sensitive Information", "title": "CWE-524" } ], "references": [ { "category": "self", "summary": "CVE-2024-41906", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41906.json" } ], "title": "CVE-2024-41906" }, { "cve": "CVE-2024-41907", "cwe": { "id": "CWE-358", "name": "Improperly Implemented Security Check for Standard" }, "notes": [ { "category": "other", "text": "Improperly Implemented Security Check for Standard", "title": "CWE-358" } ], "references": [ { "category": "self", "summary": "CVE-2024-41907", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41907.json" } ], "title": "CVE-2024-41907" }, { "cve": "CVE-2024-41908", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "references": [ { "category": "self", "summary": "CVE-2024-41908", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41908.json" } ], "title": "CVE-2024-41908" }, { "cve": "CVE-2024-41938", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "other", "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "title": "CWE-22" } ], "references": [ { "category": "self", "summary": "CVE-2024-41938", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41938.json" } ], "title": "CVE-2024-41938" }, { "cve": "CVE-2024-41939", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "other", "text": "Incorrect Authorization", "title": "CWE-863" } ], "references": [ { "category": "self", "summary": "CVE-2024-41939", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41939.json" } ], "title": "CVE-2024-41939" }, { "cve": "CVE-2024-41940", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-41940", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41940.json" } ], "title": "CVE-2024-41940" }, { "cve": "CVE-2024-41941", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "other", "text": "Incorrect Authorization", "title": "CWE-863" } ], "references": [ { "category": "self", "summary": "CVE-2024-41941", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41941.json" } ], "title": "CVE-2024-41941" }, { "cve": "CVE-2024-41976", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "references": [ { "category": "self", "summary": "CVE-2024-41976", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41976.json" } ], "title": "CVE-2024-41976" }, { "cve": "CVE-2024-41977", "cwe": { "id": "CWE-488", "name": "Exposure of Data Element to Wrong Session" }, "notes": [ { "category": "other", "text": "Exposure of Data Element to Wrong Session", "title": "CWE-488" } ], "references": [ { "category": "self", "summary": "CVE-2024-41977", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41977.json" } ], "title": "CVE-2024-41977" }, { "cve": "CVE-2024-41978", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "notes": [ { "category": "other", "text": "Insertion of Sensitive Information into Log File", "title": "CWE-532" } ], "references": [ { "category": "self", "summary": "CVE-2024-41978", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41978.json" } ], "title": "CVE-2024-41978" } ] }
rhsa-2024_3354
Vulnerability from csaf_redhat
Published
2024-05-23 22:45
Modified
2024-12-17 22:54
Summary
Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update
Notes
Topic
Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Fuse 7.13.0 is released which includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
Security Fix(es):
* undertow: OutOfMemoryError due to @MultipartConfig handling (CVE-2023-3223)
* jetty-servlets: jetty: Improper addition of quotation marks to user inputs in CgiServlet (CVE-2023-36479)
* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)
* jetty-http: jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)
* JSON-java: parser confusion leads to OOM (CVE-2023-5072)
* http2-hpack: jetty: hpack header values cause denial of service in http/2 (CVE-2023-36478)
* spring-boot: org.springframework.boot:spring-boot-actuator class vulnerable to denial of service (CVE-2023-34055)
* tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)
* activemq: Apache ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE (CVE-2022-41678)
* logback: serialization vulnerability in logback receiver (CVE-2023-6378)
* logback: A serialization vulnerability in logback receiver (CVE-2023-6481)
* solr: : Apache Solr: Host environment variables are published via the Metrics API (CVE-2023-50290)
* shiro: path traversal attack may lead to authentication bypass (CVE-2023-46749)
* tomcat: Leaking of unrelated request bodies in default error page (CVE-2024-21733)
* springframework: URL Parsing with Host Validation (CVE-2024-22243)
For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Fuse 7.13.0 is released which includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nSecurity Fix(es):\n\n* undertow: OutOfMemoryError due to @MultipartConfig handling (CVE-2023-3223)\n\n* jetty-servlets: jetty: Improper addition of quotation marks to user inputs in CgiServlet (CVE-2023-36479)\n\n* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)\n\n* jetty-http: jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)\n\n* JSON-java: parser confusion leads to OOM (CVE-2023-5072)\n\n* http2-hpack: jetty: hpack header values cause denial of service in http/2 (CVE-2023-36478)\n\n* spring-boot: org.springframework.boot:spring-boot-actuator class vulnerable to denial of service (CVE-2023-34055)\n\n* tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)\n\n* activemq: Apache ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE (CVE-2022-41678)\n\n* logback: serialization vulnerability in logback receiver (CVE-2023-6378)\n\n* logback: A serialization vulnerability in logback receiver (CVE-2023-6481)\n\n* solr: : Apache Solr: Host environment variables are published via the Metrics API (CVE-2023-50290)\n\n* shiro: path traversal attack may lead to authentication bypass (CVE-2023-46749)\n\n* tomcat: Leaking of unrelated request bodies in default error page (CVE-2024-21733)\n\n* springframework: URL Parsing with Host Validation (CVE-2024-22243)\n\nFor more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:3354", "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2209689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209689" }, { "category": "external", "summary": "2239630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630" }, { "category": "external", "summary": "2239634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634" }, { "category": "external", "summary": "2242521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521" }, { "category": "external", "summary": "2243123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243123" }, { "category": "external", "summary": "2246417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246417" }, { "category": "external", "summary": "2251917", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251917" }, { "category": "external", "summary": "2252050", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252050" }, { "category": "external", "summary": "2252185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252185" }, { "category": "external", "summary": "2252230", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252230" }, { "category": "external", "summary": "2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "2258132", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258132" }, { "category": "external", "summary": "2258134", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258134" }, { "category": "external", "summary": "2259204", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259204" }, { "category": "external", "summary": "2265735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265735" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3354.json" } ], "title": "Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update", "tracking": { "current_release_date": "2024-12-17T22:54:52+00:00", "generator": { "date": "2024-12-17T22:54:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:3354", "initial_release_date": "2024-05-23T22:45:30+00:00", "revision_history": [ { "date": "2024-05-23T22:45:30+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-05-23T22:45:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:54:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Fuse 7.13.0", "product": { "name": "Red Hat Fuse 7.13.0", "product_id": "Red Hat Fuse 7.13.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:7" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-41678", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2023-11-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252185" } ], "notes": [ { "category": "description", "text": "Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution.\u00a0\n\nIn details, in ActiveMQ configurations, jetty allows\norg.jolokia.http.AgentServlet to handler request to /api/jolokia\n\norg.jolokia.http.HttpRequestHandler#handlePostRequest is able to\ncreate JmxRequest through JSONObject. And calls to\norg.jolokia.http.HttpRequestHandler#executeRequest.\n\nInto deeper calling stacks,\norg.jolokia.handler.ExecHandler#doHandleRequest can be invoked\nthrough refection. This could lead to RCE through via\nvarious mbeans. One example is unrestricted deserialization in jdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11.\n\n1 Call newRecording.\n\n2 Call setConfiguration. And a webshell data hides in it.\n\n3 Call startRecording.\n\n4 Call copyTo method. The webshell will be written to a .jsp file.\n\nThe mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia.\nA more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0.\n", "title": "Vulnerability description" }, { "category": "summary", "text": "ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is considered moderate severity due to the requirement of authenticated access to exploit the flaw, significantly reducing the risk to systems that enforce strong authentication controls. While it does allow for remote code execution through Jolokia\u0027s request handling and Java Management Extensions (JMX), the exploitation pathway is complex and relies on specific conditions, such as the presence of Java 11 or higher and misconfigured or permissive Jolokia settings. an authenticated attacker to achieve remote code execution (RCE) within the ActiveMQ environment.Only an authenticated attacker to achieve remote code execution (RCE) within the ActiveMQ environment. In environments where authentication is well-managed and Jolokia is correctly configured or disabled, the likelihood of successful exploitation is reduced, mitigating the overall impact on system security.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41678" }, { "category": "external", "summary": "RHBZ#2252185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252185" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41678", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41678" } ], "release_date": "2023-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE" }, { "acknowledgments": [ { "names": [ "Keke Lian \u0026 Haoran Zhao" ], "organization": "System and Software Security Lab in Fudan University" } ], "cve": "CVE-2023-3223", "cwe": { "id": "CWE-789", "name": "Memory Allocation with Excessive Size Value" }, "discovery_date": "2023-05-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2209689" } ], "notes": [ { "category": "description", "text": "A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it\u0027s possible to bypass the limit by setting the file name in the request to null.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: OutOfMemoryError due to @MultipartConfig handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3223" }, { "category": "external", "summary": "RHBZ#2209689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209689" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3223", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3223" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3223", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3223" } ], "release_date": "2023-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "undertow: OutOfMemoryError due to @MultipartConfig handling" }, { "cve": "CVE-2023-5072", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-10-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2246417" } ], "notes": [ { "category": "description", "text": "A flaw was found in the org.json package. A bug in the parser exists, and an input string may lead to undefined usage of memory, leading to an out-of-memory error, causing a denial of service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "JSON-java: parser confusion leads to OOM", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability may cause denial of service with a small string input, causing the server to be unresponsive easily, hence the Important impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-5072" }, { "category": "external", "summary": "RHBZ#2246417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246417" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5072", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5072" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5072", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5072" }, { "category": "external", "summary": "https://github.com/stleary/JSON-java/issues/758", "url": "https://github.com/stleary/JSON-java/issues/758" }, { "category": "external", "summary": "https://github.com/stleary/JSON-java/issues/771", "url": "https://github.com/stleary/JSON-java/issues/771" } ], "release_date": "2023-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "No current mitigation is available for this flaw.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "JSON-java: parser confusion leads to OOM" }, { "cve": "CVE-2023-6378", "cwe": { "id": "CWE-499", "name": "Serializable Class Containing Sensitive Data" }, "discovery_date": "2023-11-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252230" } ], "notes": [ { "category": "description", "text": "A flaw was found in the logback package, where it is vulnerable to a denial of service caused by a serialization flaw in the receiver component. By sending specially crafted poisoned data, a remote attacker can cause a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: serialization vulnerability in logback receiver", "title": "Vulnerability summary" }, { "category": "other", "text": "The Logback package vulnerability, posing a risk of denial-of-service through a serialization flaw in its receiver component, is considered a moderate issue due to its potential impact on system availability. While denial-of-service vulnerabilities can be disruptive, the severity is tempered by the fact that they generally do not result in unauthorized access or data compromise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6378" }, { "category": "external", "summary": "RHBZ#2252230", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252230" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6378", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6378", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6378" } ], "release_date": "2023-11-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: serialization vulnerability in logback receiver" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252956" } ], "notes": [ { "category": "description", "text": "A flaw was found in the logback package. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027) via the logback receiver component. This flaw allows an attacker to mount a denial-of-service attack by sending poisoned data.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: A serialization vulnerability in logback receiver", "title": "Vulnerability summary" }, { "category": "other", "text": "The security vulnerability in the logback package is considered of moderate severity due to its potential for facilitating a denial-of-service (DoS) attack. While a DoS attack can disrupt service availability, this vulnerability may not lead to more severe consequences such as unauthorized access or data breaches.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6481" }, { "category": "external", "summary": "RHBZ#2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6481", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481" } ], "release_date": "2023-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: A serialization vulnerability in logback receiver" }, { "cve": "CVE-2023-34055", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-11-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2251917" } ], "notes": [ { "category": "description", "text": "In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * the application uses Spring MVC or Spring WebFlux\n * org.springframework.boot:spring-boot-actuator\u00a0is on the classpath\n\n\n\n", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-boot: org.springframework.boot: spring-boot-actuator class vulnerable to denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat does not ship any spring integration in the RHEL log4j package, therefore the log4j package is not affected by this issue in Red Hat Enterprise Linux 8 \u0026 9.\n\nRed Hat Single Sign-On provides Spring Boot adapters, but does not provide the affected code and is not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-34055" }, { "category": "external", "summary": "RHBZ#2251917", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251917" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-34055", "url": "https://www.cve.org/CVERecord?id=CVE-2023-34055" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-34055", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34055" } ], "release_date": "2023-11-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spring-boot: org.springframework.boot: spring-boot-actuator class vulnerable to denial of service" }, { "cve": "CVE-2023-36478", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-10-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2243123" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty http2-hpack and http3-qpack. If header values exceed the size limit and Huffman is the true`MetaDataBuilder.checkSize`, the multiplication will overflow, and the length will become negative, causing a large buffer allocation on the server, leading to a Denial of Service (DoS) attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: hpack header values cause denial of service in http/2", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires a remote attacker to repeatedly send HTTP requests with HPACK, which could easily impact the server\u0027s performance or make it run out of memory. Hence, this vulnerability received an Important impact rating.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-36478" }, { "category": "external", "summary": "RHBZ#2243123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243123" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-36478", "url": "https://www.cve.org/CVERecord?id=CVE-2023-36478" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36478", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36478" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/pull/9634", "url": "https://github.com/eclipse/jetty.project/pull/9634" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16", "url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16", "url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009", "url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r" } ], "release_date": "2023-10-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "No mitigations are currently available for this vulnerability.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jetty: hpack header values cause denial of service in http/2" }, { "cve": "CVE-2023-36479", "cwe": { "id": "CWE-149", "name": "Improper Neutralization of Quoting Syntax" }, "discovery_date": "2023-09-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239630" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty\u0027s CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Improper addition of quotation marks to user inputs in CgiServlet", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-36479" }, { "category": "external", "summary": "RHBZ#2239630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-36479", "url": "https://www.cve.org/CVERecord?id=CVE-2023-36479" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479" } ], "release_date": "2023-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jetty: Improper addition of quotation marks to user inputs in CgiServlet" }, { "cve": "CVE-2023-39410", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2023-10-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2242521" } ], "notes": [ { "category": "description", "text": "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39410" }, { "category": "external", "summary": "RHBZ#2242521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39410", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39410" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410" }, { "category": "external", "summary": "https://issues.apache.org/jira/browse/AVRO-3819", "url": "https://issues.apache.org/jira/browse/AVRO-3819" } ], "release_date": "2023-09-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK" }, { "cve": "CVE-2023-40167", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "discovery_date": "2023-09-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239634" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Improper validation of HTTP/1 content-length", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-40167" }, { "category": "external", "summary": "RHBZ#2239634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40167" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6" }, { "category": "external", "summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", "url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6" } ], "release_date": "2023-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: Improper validation of HTTP/1 content-length" }, { "cve": "CVE-2023-46589", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2023-11-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252050" } ], "notes": [ { "category": "description", "text": "An improper Input validation flaw was found in Apache Tomcat due to incorrect parsing of HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests, leading to the possibility of request smuggling when behind a reverse proxy.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: HTTP request smuggling via malformed trailer headers", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability in Apache Tomcat is of significant importance due to its potential to exploit HTTP request smuggling, presenting a security risk for web applications utilizing Tomcat. The flaw arises from Tomcat\u0027s improper parsing of HTTP trailer headers, where a specifically crafted header exceeding the size limit could cause Tomcat to treat a single request as multiple ones. This opens the door for attackers to manipulate requests and potentially conduct various malicious activities, such as unauthorized access, data exposure, or other exploits, particularly when Tomcat is deployed behind a reverse proxy. \n\nThe pki-servlet-engine package has been obsoleted by the Tomcat package. Therefore, this issue will be fixed in the Tomcat package rather than the pki-serlvet-engine package. Please follow the RHEL Tomcat trackers instead for the updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-46589" }, { "category": "external", "summary": "RHBZ#2252050", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252050" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-46589", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46589" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46589", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46589" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2023/11/28/2", "url": "http://www.openwall.com/lists/oss-security/2023/11/28/2" }, { "category": "external", "summary": "https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr", "url": "https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr" } ], "release_date": "2023-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "tomcat: HTTP request smuggling via malformed trailer headers" }, { "cve": "CVE-2023-46749", "cwe": { "id": "CWE-288", "name": "Authentication Bypass Using an Alternate Path or Channel" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258134" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Shiro, which may allow a path traversal attack. When this issue is combined with the path rewriting feature, it can lead to an authentication bypass.", "title": "Vulnerability description" }, { "category": "summary", "text": "shiro: path traversal attack may lead to authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-46749" }, { "category": "external", "summary": "RHBZ#2258134", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258134" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-46749", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46749" } ], "release_date": "2024-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "This flaw can be mitigated by making sure \u0027blockSemicolon\u0027 is enabled.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "shiro: path traversal attack may lead to authentication bypass" }, { "cve": "CVE-2023-50290", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258132" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Solr. This issue may allow an unauthorized actor access to sensitive information. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designed to work for known secret Java system properties. Environment variables cannot be strictly defined in Solr like Java system properties can be, and may be set for the entire host, unlike Java system properties which are set per-Java-proccess.", "title": "Vulnerability description" }, { "category": "summary", "text": "Solr: Host environment variables are published via the Metrics API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-50290" }, { "category": "external", "summary": "RHBZ#2258132", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258132" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-50290", "url": "https://www.cve.org/CVERecord?id=CVE-2023-50290" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-50290", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50290" } ], "release_date": "2024-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Solr: Host environment variables are published via the Metrics API" }, { "cve": "CVE-2024-21733", "cwe": { "id": "CWE-209", "name": "Generation of Error Message Containing Sensitive Information" }, "discovery_date": "2024-01-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2259204" } ], "notes": [ { "category": "description", "text": "An information disclosure vulnerability was found in Apache Tomcat. Incomplete POST requests triggered an error response that could contain data from a previous HTTP request. This flaw allows a remote attacker to access files from another user that should be otherwise prevented by limits or authentication.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Leaking of unrelated request bodies in default error page", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux remains unaffected as the vulnerable version of Tomcat (e.g., versions 8.5.7 through 8.5.63 and 9.0.0 through 9.0.43) has not been shipped or included.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-21733" }, { "category": "external", "summary": "RHBZ#2259204", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259204" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21733", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21733" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21733", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21733" }, { "category": "external", "summary": "https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz", "url": "https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2024/01/19/2", "url": "https://www.openwall.com/lists/oss-security/2024/01/19/2" } ], "release_date": "2024-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "tomcat: Leaking of unrelated request bodies in default error page" }, { "acknowledgments": [ { "names": [ "Sean Pesce" ], "organization": "Motorola Solutions" } ], "cve": "CVE-2024-22243", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2024-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265735" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in Spring Framework. Under certain conditions, an attacker might be able to trigger an open redirect. This issue can simplify the process of conducting a phishing attack against users of the deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "springframework: URL Parsing with Host Validation", "title": "Vulnerability summary" }, { "category": "other", "text": "The open redirect vulnerability discovered in the Spring Framework poses a moderate severity issue due to its potential to facilitate phishing attacks. While it doesn\u0027t directly lead to data compromise or system takeover, it significantly increases the likelihood of users being misled into visiting malicious websites.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.13.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-22243" }, { "category": "external", "summary": "RHBZ#2265735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265735" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22243", "url": "https://www.cve.org/CVERecord?id=CVE-2024-22243" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22243", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22243" }, { "category": "external", "summary": "https://spring.io/security/cve-2024-22243", "url": "https://spring.io/security/cve-2024-22243" } ], "release_date": "2024-02-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-23T22:45:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Fuse 7.13.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3354" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat Fuse 7.13.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Fuse 7.13.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "springframework: URL Parsing with Host Validation" } ] }
rhsa-2024_0793
Vulnerability from csaf_redhat
Published
2024-02-12 18:01
Modified
2024-12-17 22:53
Summary
Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 4.0.3 release security update
Notes
Topic
Red Hat Integration Camel for Spring Boot 4.0.3 release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Integration Camel for Spring Boot 4.0.3 release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* parsson: Denial of Service due to large number parsing (CVE-2023-4043)
* logback: serialization vulnerability in logback receiver (CVE-2023-6378)
* logback: A serialization vulnerability in logback receiver (CVE-2023-6481)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Integration Camel for Spring Boot 4.0.3 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Integration Camel for Spring Boot 4.0.3 release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* parsson: Denial of Service due to large number parsing (CVE-2023-4043)\n\n* logback: serialization vulnerability in logback receiver (CVE-2023-6378)\n\n* logback: A serialization vulnerability in logback receiver (CVE-2023-6481)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0793", "url": "https://access.redhat.com/errata/RHSA-2024:0793" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2252230", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252230" }, { "category": "external", "summary": "2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "2254594", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254594" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0793.json" } ], "title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 4.0.3 release security update", "tracking": { "current_release_date": "2024-12-17T22:53:07+00:00", "generator": { "date": "2024-12-17T22:53:07+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:0793", "initial_release_date": "2024-02-12T18:01:12+00:00", "revision_history": [ { "date": "2024-02-12T18:01:12+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-02-12T18:01:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:53:07+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHINT Camel-Springboot 4.0.3", "product": { "name": "RHINT Camel-Springboot 4.0.3", "product_id": "RHINT Camel-Springboot 4.0.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:camel_spring_boot:4.0.3" } } } ], "category": "product_family", "name": "Red Hat Integration" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-4043", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "discovery_date": "2023-12-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254594" } ], "notes": [ { "category": "description", "text": "A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service (DoS) due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected.", "title": "Vulnerability description" }, { "category": "summary", "text": "parsson: Denial of Service due to large number parsing", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as an important impact since one needs to process untrusted and if there is no sanitization a Denial of Service (DoS) may happen.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-Springboot 4.0.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4043" }, { "category": "external", "summary": "RHBZ#2254594", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254594" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4043", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4043" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4043", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4043" } ], "release_date": "2023-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-12T18:01:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHINT Camel-Springboot 4.0.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0793" }, { "category": "workaround", "details": "Avoid processing untrusted sources content in order to minimize the chance for Denial of Service attack.", "product_ids": [ "RHINT Camel-Springboot 4.0.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHINT Camel-Springboot 4.0.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "parsson: Denial of Service due to large number parsing" }, { "cve": "CVE-2023-6378", "cwe": { "id": "CWE-499", "name": "Serializable Class Containing Sensitive Data" }, "discovery_date": "2023-11-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252230" } ], "notes": [ { "category": "description", "text": "A flaw was found in the logback package, where it is vulnerable to a denial of service caused by a serialization flaw in the receiver component. By sending specially crafted poisoned data, a remote attacker can cause a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: serialization vulnerability in logback receiver", "title": "Vulnerability summary" }, { "category": "other", "text": "The Logback package vulnerability, posing a risk of denial-of-service through a serialization flaw in its receiver component, is considered a moderate issue due to its potential impact on system availability. While denial-of-service vulnerabilities can be disruptive, the severity is tempered by the fact that they generally do not result in unauthorized access or data compromise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-Springboot 4.0.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6378" }, { "category": "external", "summary": "RHBZ#2252230", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252230" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6378", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6378", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6378" } ], "release_date": "2023-11-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-12T18:01:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHINT Camel-Springboot 4.0.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0793" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "RHINT Camel-Springboot 4.0.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHINT Camel-Springboot 4.0.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: serialization vulnerability in logback receiver" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252956" } ], "notes": [ { "category": "description", "text": "A flaw was found in the logback package. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027) via the logback receiver component. This flaw allows an attacker to mount a denial-of-service attack by sending poisoned data.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: A serialization vulnerability in logback receiver", "title": "Vulnerability summary" }, { "category": "other", "text": "The security vulnerability in the logback package is considered of moderate severity due to its potential for facilitating a denial-of-service (DoS) attack. While a DoS attack can disrupt service availability, this vulnerability may not lead to more severe consequences such as unauthorized access or data breaches.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-Springboot 4.0.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6481" }, { "category": "external", "summary": "RHBZ#2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6481", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481" } ], "release_date": "2023-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-12T18:01:12+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHINT Camel-Springboot 4.0.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0793" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "RHINT Camel-Springboot 4.0.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHINT Camel-Springboot 4.0.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: A serialization vulnerability in logback receiver" } ] }
rhsa-2024_0843
Vulnerability from csaf_redhat
Published
2024-02-15 12:55
Modified
2024-12-17 22:53
Summary
Red Hat Security Advisory: Release of OpenShift Serverless 1.31.1
Notes
Topic
Red Hat OpenShift Serverless version 1.31.1 is now available.
Red Hat Product Security has rated this update as having a security impact of
Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Version 1.31.1 of the OpenShift Serverless Operator is supported on Red Hat
OpenShift Container Platform versions 4.11, 4.12, 4.13 and 4.14
This release includes security, bug fixes, and enhancements.
Security Fix(es):
* go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)
* go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients (CVE-2023-49569)
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* logback: A serialization vulnerability in logback receiver (CVE-2023-6481)
For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Serverless version 1.31.1 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of\nCritical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Version 1.31.1 of the OpenShift Serverless Operator is supported on Red Hat\nOpenShift Container Platform versions 4.11, 4.12, 4.13 and 4.14\n\nThis release includes security, bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)\n* go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients (CVE-2023-49569)\n* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n* logback: A serialization vulnerability in logback receiver (CVE-2023-6481)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0843", "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31", "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31" }, { "category": "external", "summary": "2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "2253330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330" }, { "category": "external", "summary": "2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "2258143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143" }, { "category": "external", "summary": "2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0843.json" } ], "title": "Red Hat Security Advisory: Release of OpenShift Serverless 1.31.1", "tracking": { "current_release_date": "2024-12-17T22:53:18+00:00", "generator": { "date": "2024-12-17T22:53:18+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:0843", "initial_release_date": "2024-02-15T12:55:28+00:00", "revision_history": [ { "date": "2024-02-15T12:55:28+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-02-15T12:55:28+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:53:18+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Serverless 1.31", "product": { "name": "Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_serverless:1.31::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Serverless" }, { "branches": [ { "category": "product_version", "name": "openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "product": { "name": "openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "product_id": "openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "product_identification_helper": { "purl": "pkg:oci/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/client-kn-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "product": { "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "product_id": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "product": { "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "product_id": "openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "product": { "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "product_id": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "product": { "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "product_id": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "product": { "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "product_id": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-istio-controller-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "product": { "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "product_id": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "product_id": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-controller-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "product_id": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "product_id": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-post-install-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "product_id": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-receiver-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "product_id": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-webhook-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "product": { "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "product_id": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-filter-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "product": { "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "product_id": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-ingress-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "product": { "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "product_id": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtchannel-broker-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "product": { "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "product_id": "openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtping-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "product": { "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "product_id": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-storage-version-migration-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "product": { "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "product_id": "openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "product_identification_helper": { "purl": "pkg:oci/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "product": { "name": "openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "product_id": "openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "product_identification_helper": { "purl": "pkg:oci/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/func-utils-rhel8\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "product": { "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "product_id": "openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "product_identification_helper": { "purl": "pkg:oci/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/ingress-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "product": { "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "product_id": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "product_identification_helper": { "purl": "pkg:oci/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "product": { "name": "openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "product_id": "openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "product_identification_helper": { "purl": "pkg:oci/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/knative-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "product": { "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "product_id": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "product_identification_helper": { "purl": "pkg:oci/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/kn-cli-artifacts-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "product": { "name": "openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "product_id": "openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "product_identification_helper": { "purl": "pkg:oci/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/kourier-control-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x", "product": { "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x", "product_id": "openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x", "product_identification_helper": { "purl": "pkg:oci/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/svls-must-gather-rhel8\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "product": { "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "product_id": "openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "product_identification_helper": { "purl": "pkg:oci/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "product": { "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "product_id": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "product_identification_helper": { "purl": "pkg:oci/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "product": { "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "product_id": "openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "product_identification_helper": { "purl": "pkg:oci/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serverless-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "product": { "name": "openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "product_id": "openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-activator-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "product": { "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "product_id": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-hpa-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "product": { "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "product_id": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "product": { "name": "openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "product_id": "openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "product": { "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "product_id": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "product": { "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "product_id": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "product": { "name": "openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "product_id": "openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-queue-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "product": { "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "product_id": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-storage-version-migration-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "product": { "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "product_id": "openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "product_identification_helper": { "purl": "pkg:oci/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-webhook-rhel8\u0026tag=1.10.0-4" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "product": { "name": "openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "product_id": "openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "product_identification_helper": { "purl": "pkg:oci/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/client-kn-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "product": { "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "product_id": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "product": { "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "product_id": "openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "product": { "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "product_id": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "product": { "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "product_id": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "product": { "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "product_id": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-istio-controller-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "product": { "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "product_id": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "product_id": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-controller-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "product_id": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "product_id": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-post-install-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "product_id": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-receiver-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "product_id": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-webhook-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "product": { "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "product_id": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-filter-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "product": { "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "product_id": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-ingress-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "product": { "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "product_id": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtchannel-broker-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "product": { "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "product_id": "openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtping-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "product": { "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "product_id": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-storage-version-migration-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "product": { "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "product_id": "openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "product": { "name": "openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "product_id": "openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "product_identification_helper": { "purl": "pkg:oci/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/func-utils-rhel8\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "product": { "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "product_id": "openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/ingress-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "product": { "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "product_id": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "product_identification_helper": { "purl": "pkg:oci/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "product": { "name": "openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "product_id": "openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "product_identification_helper": { "purl": "pkg:oci/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/knative-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "product": { "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "product_id": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/kn-cli-artifacts-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "product": { "name": "openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "product_id": "openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/kourier-control-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "product": { "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "product_id": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/logic-swf-builder-rhel8\u0026tag=1.31.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "product": { "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "product_id": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8\u0026tag=1.31.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "product": { "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "product_id": "openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/svls-must-gather-rhel8\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "product": { "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "product_id": "openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "product_identification_helper": { "purl": "pkg:oci/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "product": { "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "product_id": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "product": { "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "product_id": "openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serverless-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "product": { "name": "openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "product_id": "openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-activator-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "product": { "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "product_id": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-hpa-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "product": { "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "product_id": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "product": { "name": "openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "product_id": "openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "product": { "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "product_id": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "product": { "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "product_id": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "product": { "name": "openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "product_id": "openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-queue-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "product": { "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "product_id": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-storage-version-migration-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "product": { "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "product_id": "openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-webhook-rhel8\u0026tag=1.10.0-4" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "product": { "name": "openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "product_id": "openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "product_identification_helper": { "purl": "pkg:oci/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/client-kn-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "product": { "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "product_id": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "product": { "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "product_id": "openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "product": { "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "product_id": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "product": { "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "product_id": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "product": { "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "product_id": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-istio-controller-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "product": { "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "product_id": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8\u0026tag=1.10.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "product_id": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-controller-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "product_id": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "product_id": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-post-install-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "product_id": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-receiver-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "product": { "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "product_id": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-kafka-broker-webhook-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "product": { "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "product_id": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-filter-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "product": { "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "product_id": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-ingress-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "product": { "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "product_id": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtchannel-broker-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "product": { "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "product_id": "openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtping-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "product": { "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "product_id": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-storage-version-migration-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "product": { "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "product_id": "openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "product_identification_helper": { "purl": "pkg:oci/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "product": { "name": "openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "product_id": "openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "product_identification_helper": { "purl": "pkg:oci/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/func-utils-rhel8\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "product": { "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "product_id": "openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "product_identification_helper": { "purl": "pkg:oci/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/ingress-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "product": { "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "product_id": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "product_identification_helper": { "purl": "pkg:oci/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "product": { "name": "openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "product_id": "openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "product_identification_helper": { "purl": "pkg:oci/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/knative-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "product": { "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "product_id": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "product_identification_helper": { "purl": "pkg:oci/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/kn-cli-artifacts-rhel8\u0026tag=1.10.0-3" } } }, { "category": "product_version", "name": "openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "product": { "name": "openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "product_id": "openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "product_identification_helper": { "purl": "pkg:oci/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/kourier-control-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "product": { "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "product_id": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "product_identification_helper": { "purl": "pkg:oci/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/logic-swf-builder-rhel8\u0026tag=1.31.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "product": { "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "product_id": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "product_identification_helper": { "purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8\u0026tag=1.31.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "product": { "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "product_id": "openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "product_identification_helper": { "purl": "pkg:oci/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/svls-must-gather-rhel8\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "product": { "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "product_id": "openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "product_identification_helper": { "purl": "pkg:oci/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "product": { "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "product_id": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "product_identification_helper": { "purl": "pkg:oci/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "product": { "name": "openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "product_id": "openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "product_identification_helper": { "purl": "pkg:oci/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serverless-operator-bundle\u0026tag=1.31.1-1" } } }, { "category": "product_version", "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "product": { "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "product_id": "openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "product_identification_helper": { "purl": "pkg:oci/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serverless-rhel8-operator\u0026tag=1.31.1-2" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "product": { "name": "openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "product_id": "openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-activator-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "product": { "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "product_id": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-hpa-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "product": { "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "product_id": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "product": { "name": "openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "product_id": "openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-controller-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "product": { "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "product_id": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "product": { "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "product_id": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-webhook-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "product": { "name": "openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "product_id": "openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-queue-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "product": { "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "product_id": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-storage-version-migration-rhel8\u0026tag=1.10.0-4" } } }, { "category": "product_version", "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "product": { "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "product_id": "openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "product_identification_helper": { "purl": "pkg:oci/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-webhook-rhel8\u0026tag=1.10.0-4" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "product": { "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "product_id": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "product_identification_helper": { "purl": "pkg:oci/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/logic-swf-builder-rhel8\u0026tag=1.31.0-5" } } }, { "category": "product_version", "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "product": { "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "product_id": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "product_identification_helper": { "purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8\u0026tag=1.31.0-4" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x" }, "product_reference": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64" }, "product_reference": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le" }, "product_reference": "openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64" }, "product_reference": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x" }, "product_reference": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le" }, "product_reference": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le" }, "product_reference": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64" }, "product_reference": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64" }, "product_reference": "openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le" }, "product_reference": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64" }, "product_reference": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64" }, "product_reference": "openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x" }, "product_reference": "openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le" }, "product_reference": "openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64" }, "product_reference": "openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64" }, "product_reference": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x" }, "product_reference": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64" }, "product_reference": "openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x" }, "product_reference": "openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64" }, "product_reference": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x" }, "product_reference": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x" }, "product_reference": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64" }, "product_reference": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x" }, "product_reference": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64" }, "product_reference": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x" }, "product_reference": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x" }, "product_reference": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64" }, "product_reference": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x" }, "product_reference": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64" }, "product_reference": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64" }, "product_reference": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x" }, "product_reference": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x" }, "product_reference": "openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64" }, "product_reference": "openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x" }, "product_reference": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64" }, "product_reference": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64" }, "product_reference": "openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le" }, "product_reference": "openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x" }, "product_reference": "openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x" }, "product_reference": "openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le" }, "product_reference": "openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64" }, "product_reference": "openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x" }, "product_reference": "openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le" }, "product_reference": "openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64" }, "product_reference": "openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le" }, "product_reference": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x" }, "product_reference": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64" }, "product_reference": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64" }, "product_reference": "openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x" }, "product_reference": "openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le" }, "product_reference": "openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x" }, "product_reference": "openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64" }, "product_reference": "openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le" }, "product_reference": "openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le" }, "product_reference": "openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x" }, "product_reference": "openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64" }, "product_reference": "openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x" }, "product_reference": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64" }, "product_reference": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le" }, "product_reference": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64" }, "product_reference": "openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le" }, "product_reference": "openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64" }, "product_reference": "openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x" }, "product_reference": "openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le" }, "product_reference": "openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64" }, "product_reference": "openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x" }, "product_reference": "openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64" }, "product_reference": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le" }, "product_reference": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x" }, "product_reference": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x" }, "product_reference": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64" }, "product_reference": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le" }, "product_reference": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le" }, "product_reference": "openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64" }, "product_reference": "openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x" }, "product_reference": "openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64" }, "product_reference": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x" }, "product_reference": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le" }, "product_reference": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x" }, "product_reference": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64" }, "product_reference": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le" }, "product_reference": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le" }, "product_reference": "openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64" }, "product_reference": "openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x" }, "product_reference": "openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64" }, "product_reference": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le" }, "product_reference": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x" }, "product_reference": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64" }, "product_reference": "openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le" }, "product_reference": "openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x" }, "product_reference": "openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le" }, "product_reference": "openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64 as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64" }, "product_reference": "openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "relates_to_product_reference": "8Base-RHOSS-1.31" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x as a component of Red Hat OpenShift Serverless 1.31", "product_id": "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" }, "product_reference": "openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x", "relates_to_product_reference": "8Base-RHOSS-1.31" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252956" } ], "notes": [ { "category": "description", "text": "A flaw was found in the logback package. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027) via the logback receiver component. This flaw allows an attacker to mount a denial-of-service attack by sending poisoned data.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: A serialization vulnerability in logback receiver", "title": "Vulnerability summary" }, { "category": "other", "text": "The security vulnerability in the logback package is considered of moderate severity due to its potential for facilitating a denial-of-service (DoS) attack. While a DoS attack can disrupt service availability, this vulnerability may not lead to more severe consequences such as unauthorized access or data breaches.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6481" }, { "category": "external", "summary": "RHBZ#2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6481", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481" } ], "release_date": "2023-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-15T12:55:28+00:00", "details": "See the Red Hat OpenShift serverless 1.31 documentation at: \nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: A serialization vulnerability in logback receiver" }, { "cve": "CVE-2023-39326", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2253330" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39326" }, { "category": "external", "summary": "RHBZ#2253330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39326", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-2382", "url": "https://pkg.go.dev/vuln/GO-2023-2382" } ], "release_date": "2023-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-15T12:55:28+00:00", "details": "See the Red Hat OpenShift serverless 1.31 documentation at: \nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "workaround", "details": "No mitigation is available for this flaw.", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-15T12:55:28+00:00", "details": "See the Red Hat OpenShift serverless 1.31 documentation at: \nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2023-49568", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258165" } ], "notes": [ { "category": "description", "text": "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients", "title": "Vulnerability summary" }, { "category": "other", "text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-49568" }, { "category": "external", "summary": "RHBZ#2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568", "url": "https://www.cve.org/CVERecord?id=CVE-2023-49568" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568" }, { "category": "external", "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r", "url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r" } ], "release_date": "2023-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-15T12:55:28+00:00", "details": "See the Red Hat OpenShift serverless 1.31 documentation at: \nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "workaround", "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients" }, { "cve": "CVE-2023-49569", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258143" } ], "notes": [ { "category": "description", "text": "A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients", "title": "Vulnerability summary" }, { "category": "other", "text": "This problem only affects the go implementation and not the original git cli code. Applications using BoundOS or in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.\n\nIn OpenShift Container Platform (OCP) the vulnerable github.com/go-git/go-git/v5 Go package is used as a dependency in many components where the vulnerable function is not used, hence the impact by this vulnerability is reduced to Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-49569" }, { "category": "external", "summary": "RHBZ#2258143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49569", "url": "https://www.cve.org/CVERecord?id=CVE-2023-49569" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569" }, { "category": "external", "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88", "url": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88" } ], "release_date": "2024-01-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-15T12:55:28+00:00", "details": "See the Red Hat OpenShift serverless 1.31 documentation at: \nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "workaround", "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", "product_ids": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:a4938cee3f3314274638edea5022fd24ec5cc49c054286a7a36c56bf6e45d2dd_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:b1e19465c334ee323f43162aef6bbd165597633d359661c0904958e2878129bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8@sha256:ffaaf64421c78a1b3f0bbd5d75435c156b9b09e3ac5614803c7c81ca7b2645ef_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:136cd272c25b4a385a308911e9c1e53606586d7f18e67b7daa87f0e3eef142b9_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:302189cc2ee74a14847380fb5f71187b0ff8299eddd2eb90fbe113f66238e68b_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-builder-rhel8@sha256:c0413ebd128da64cd8e0ba46aedcbc680fac070b60446c0f03cb99ecdb980496_amd64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:0346b382d744d5a99092406a2639431e63d0cdbfe7674ad7beaa8e68cc5e7fc5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:55fc8d4388975c8df0ccd0b45eeef99bb65a3cc7fb5ba746ff07dbfb16e7404a_arm64", "8Base-RHOSS-1.31:openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8@sha256:c3fdef608969828ad1eae21d367f6a268715acd00991e108dd113381475b7a10_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:0dd6bf7f92fd7eea72a3968b27f55c08808e4687e2a65b6955fa1331a79d1d5d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:700e95455c0c2514a4326ea2c1a597a58e4bbf67b656ecd2760e691df30380ad_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/client-kn-rhel8@sha256:e4410ad59242c54f1f53a58412baca79c0bee5efc3d8b40a403e2f6eead87718_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:1bad1e5889b07aa50871d74318668082e5f7fda8c09903f2eba198d226aa2e7c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:dfacb95a77624c04ef789407ebd4283c88757881ea20bc341bd7d4c8d59f4754_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e4fd565bc1e8bffbaa1bc16e62e56b0a66cab2065d2df49f4bd9b3c3154b4dc0_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:4afc2ba1d75f306319fedc00dbdb06b27e602bd6ef84b8397aefaebab32826db_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:659ad27b6570fc8c5666f9fa5ad2a3c47e683c68417a3bd487190af707788844_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-controller-rhel8@sha256:e9a6bdf36e9ef8a37932d7175277c6517bd0e85200f55acbe00d41028d43e4ba_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:2820f81589a86c6dab15c820d5e68e5a6d7d12469565033390d59ae3ec6ba31c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:54cbeee83c053938e652f273dbc25855d24407787dffca84577bad55806a2a74_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a002f3f229057b531e1350fef0101fff51057109d6af9440bcef43e6dfaa2bf5_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:42f051ed5e6e3f0e27ea1a448824d3190e1ab4205a814ff5c1918ca645119e47_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:a96dde60e638e2c7367ade552263f1b6a9c07e10672e0c125bf9befd48e19016_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:d25907fdbf530ec6102a87391c6a47e13becb781925d4f10b6834e1720ed6eec_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:2b26accba46dec1e2a7b009a651adb96e31bbcb23110e2a7d5eeb2faf1df5a89_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:ce30d09c74245cbb5ce0bd1e56c7890d5d1dab09f32de8bb9d95dc38bcefa49a_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-istio-controller-rhel8@sha256:e9e451554be91d262572c5bb551a86989f8e300d944b85c1ecc9b3ea557bbf05_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:03e1cd2f0b96780e81bd683380ab82f42e1d75c23f40b8001cc9ec04a1738b37_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:158362c50e90590fc5856f66b29812a9d8611581de494799c8e76c9a338bd119_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-controller-rhel8@sha256:d2f21f5dde48a8b82519ff20d0481bcef01a206879afa6efacfa3808723a7f1c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:3bc1e11288157365b856395d78e281c739c03fb4f2ae01de24a355002701c1d3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:c3d9050330b90591db2575d97eda2065236247b618a9480558d00ecd54eca23d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8@sha256:df2098edc41a26d7ac06dbcd8df0ab12a26c9f46748b96d38b42ed487f2ff321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:211908f2ce585684d4324d3702a5d78f00db3bef13aa2549ec8ea6c1f01a7060_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:846057e9be6db0d17ab4322db949f8944d7efbdcd1185a58bfbb43f401f8de40_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-post-install-rhel8@sha256:85ca3277f066ae1465f151cc33d0c87724b7fc53705339efa6d92afc86573259_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:ae90a185be0efd775e6bf751b4ac35b09c2e9157f1ba390ecfd77748d1b2d526_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:c938f1c875b50eae3e00d820d9da4b3f799dd82a26f1a56e665c1744e8b468f4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-receiver-rhel8@sha256:f90d02e1bd6f24591c0e1adefef1865d4050c3680e64c12091b5941d2ac4fb03_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c12f4acf50470ad674931589eefa95a9d17611b2aa8150e9d9739284383c5d06_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:c5ffd229f10899555ec5967620b656092037b39542afb5911d2db303c3c715ed_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-kafka-broker-webhook-rhel8@sha256:d035a6b261ede39e70d94a92b7b73a6f2b0c96ce81be603de050d08487fa25dd_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:00b929fd03bad354f0f74790f1a4516129ecbb59c9bbe7b81a78d3887991b0b1_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:72297f610564132fd866e7b9d1b08d391073bff769a64a00131e0e3affa06dfa_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a8244530c457577c8c133ef50b6e390e1765d3e7f8c17947913ddfc5d508037e_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:cbb1d3fdf7997315fce99cd9d3efb83d44546c49a02df1d87a2b4e87a9ca761b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:da96cf639e175a6e1a833ed5efc869848e406e1d2b5c23f51e9f893c22b8bf6f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:f5e6bcad57f3c80e29952c93ad8d163d752d7e5342d1892c8e7c58ce3b34fdb3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:8b7e0adf21e59a20cb22243d12f2f30d2c26e5d94f1d9b8e8304605ff62cd250_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:a183b1a161f779541d91050febd77b21bbff573187118da8809989fc7cafb119_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:afec757d159ba9b5e55ffe316f4508bf6eb792c1d4d959d3e9e9a101a6905f6d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:99aae30badc49708352cbfbf746d5b71542e621bf53dbb70c020f245164ee02d_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:a9749dd06f6cfa11ec4c7ac406c3ed39530733e40bf69b482b563ca7b57dcbdc_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-mtping-rhel8@sha256:c0c525c945b810a343849159fa318b4c457c96bf55cc47c4828a16a53627b6b3_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:70476c2c252928d19d99de809ceec289ec552fed0d4102103874d8535c09acab_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:95bc85c638bac8a717601187a9c718c42987250963c68730628942a69cf79db0_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b525ac993d501d290b59a13ad5197406d4c79f9d227641466b15968164e53a4c_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:3278b3c537ad9e6034f35a4c9beb0fc5e16a40f4714783305c7dff060688e7ab_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:913fb2c16d9d043c676c36f1963bc076f2ed3d7b5b0236f0784fbc07ce931cd3_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/eventing-webhook-rhel8@sha256:e16110d036af2cbb130d428665dff8928b33ea2e1a2acdf0102d7a46d40cbd1b_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:0c68af7548ee486fd5e9b894308c65003cc2eac0377d1460893069a0dd939321_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:4b3189a80899e295c7caea837eef5d1f8d9f5189fd2791e650ebf36745f19021_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/func-utils-rhel8@sha256:98570a3210cac55e2531532b7f0e7606cb4397193c801be66b67f45260db2208_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:67e449a33b598650ac27665611f68df18b56de1aa64002c8eba3b85ea12a1590_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:cf91a1ddc98dac23b4aa799a4406299165b379b0daa123decea34b5100728468_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/ingress-rhel8-operator@sha256:f442511f6bf6982f878d98b59ebb9791caa779278d34f8c45b94f3253896f01b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:3c50e6e72081ccc491b77450d06f38c37263e42dd5c26e88f27813c1b7874643_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:6364c73376bfb2adede70d60ad1be26abb20e43adf70300fb8dbd08df9e628ee_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:d6153fa924adca9bbf4a68d6ba8316412a386954c70750daec5fd8f9266d6f66_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:1b14f2108ee78ea87f3e8ddf8640dfe333a7228de4a6671ecec949bc3205981d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:8dbba7b46580d835fd6545c1d20cf8fe6538095581a57c1b73fd3e48c8b0c7fa_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/knative-rhel8-operator@sha256:b24c65f32f4d2dae35911820e7695c87e2b9f1f90c9245a2976f5830c3d03543_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:0d451c996a86f0a7b61bfa2898ade82d3d1a405871e5a06ec73130dfcfb879bf_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:7e8de7fbcea8dd44c3d2eb89650e4b0e98be77a1e23e7a3a7d4891618a07ba82_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/kourier-control-rhel8@sha256:b11021693f69fde1ec53a4782f661382174ccc78b0f4753ed12068730b28b6e8_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:6f1738fe3b8d6d5c8eb1dfec0d0cdfff2cadea931404bd9db7d1a0df6c958153_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:b3ddc2fb4879ccbf437eccb8a5547718abecd3e8be9d19404e20331db3fcc483_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-controller-rhel8@sha256:f4d503c0f6dbe4b0cc41af6ca0c4427f4a4fe0ab44a8880b39c73daf912db2a8_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:4dd5b7a044b24a8f1fb8939b40fd9e24d644671bd4f0e5ff3ebded23504d5a5f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bac38a132d2db0a4a297c4ad07f587bc336609113d628eb85c9932f375cd1f98_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/net-istio-webhook-rhel8@sha256:bc8e20d97530b097b88dab97e8d81c6070237528b971d6d88b1aab5d501ecb7b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-operator-bundle@sha256:a82288782b61ea46d068cc09ee10608d3201c136abfc767e4d37734775101390_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:0cc3730d6bf5c921f22509fec73853cf1bdbe216fb8bf8ce248a87eb2ad54a54_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:3d76f026eae72fe30ff5d12c2564a593921cf4e99241859da4ec90b3ef26a35b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serverless-rhel8-operator@sha256:7d553a8d9198fe9f3f9a9fb62c3fffa3deabe8e7cb84367886c30714d9779618_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:689aaf6f75f9fb434dfddf7f2911954839849b87d2c2a0e4b0e056efc7a5f83c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:b42cf20631e02f3ab3b1292b2624172cef3831749a3cddfd86727ee3a1411c41_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-activator-rhel8@sha256:c2598ade3bd22ee75f1bde19e78231a151ea82b48d3bc052b4ad421f0975d9ec_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:108b792edc1fbc77fa99dcec22bf2f7452424b4c9973971b88797c298699c689_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:1251f3c3ef7b085282deb3348c1c40ed222df91208b6b8750ee93b4ca66272e2_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:8179a7a83fc3c83c06f6fd0b941f19d75997611822424eae6b6fc405ebc48a94_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:16701e535d9186c611615241c955a38483d2002a53f37f45172c6d818d20c4d5_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:1c693aa9e457df1f8408993f556eb9f0923898eeb3884e5f9a072b4048bd1a1f_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d5581529fa37f2b4a2f8c28e5c26c209eb15541fb5780e4ab4d9bddb34886e5c_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:232720ae9296a83da912ad1cb501cf8113b70ca15bac7251b3e4d82398c97e75_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:45dd557dc4290516c82d91ed16e85a653116b85cd73c5739f422be4bcaad093b_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-controller-rhel8@sha256:bbe167335b9444e3909f8f61c90fb5f9310acb12514cb8e137c17e98dbf64512_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:17e3a0db23342d32d4f08d447b4dafea288750b40a28b982ba0ee91c14211902_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:80ed7c55b1c316d3151b89bae226f51948f14ec69ab35633bdfb0f1a1b16882e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:d23918b519f72b5d729ff523d33f273d5465752a2a2dedb00f64212ddf0e043b_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:84b4f0618e019312c2d4d0b99b6a51d5b4636a140fa784f909021c99f69863bc_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a542538f5fd71be92fa3aff8625ebc5f9a68981c48436ad1f83fa19ce92bf63e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:f7b9c354bfb44d97a21e990a3905eed164329430cbdc5adf5ce80c7511c1f60d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:78eb24a18313a547a6b7ea1fb201467fd7b294a0bbc855e00035bc7a7517d72d_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:b45777ef967b6b9601aaf2f8a0de5c75de85323684eef296667367548bbc9736_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-queue-rhel8@sha256:c7881212406406e561c74aac8c3001caf63b58a768a81d34a80644fc43d9e645_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:00aedcc18ab1a826639e8de161f34fee1eddb1823004c94a1f100711b743b4f0_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:61f11992e13aee18348afe91fbb3249c7918dc21fd465038473e7077d6d9a17f_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:eb6e65434196d32242557f360870d66086b1c59fd9d40afe05c97115359f003e_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:056ccae94aa36dc8845fa8f840d41ce34e3b3a924c29dcd727cfa4d0eb3e6f6e_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:3dfe50c5ec8788f94b725a6c56b35896ac78c48f9e36bacd2d658701e5d205c4_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/serving-webhook-rhel8@sha256:7d551aeaa28b6a25f9f03f253d7066ea36c0d23b0890e32f700dacb04f63864f_s390x", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:756522148764a3e61300823398e5d8cf68bd192703d3c1c9816b0e363049b0d7_ppc64le", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:8878c29f676c00feb67f95e345d71c5b571b4b4bf7b021bcfcacbcdfe65a5b6d_amd64", "8Base-RHOSS-1.31:openshift-serverless-1/svls-must-gather-rhel8@sha256:e28666e6f791ad95d4dd49f75b017e3699d7edd62d22452657f6b103c95b1b10_s390x" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients" } ] }
rhsa-2024_2945
Vulnerability from csaf_redhat
Published
2024-05-21 14:18
Modified
2024-12-17 22:54
Summary
Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update
Notes
Topic
Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.
This release of Red Hat AMQ Broker 7.12.0 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* (CVE-2023-6717) keycloak: XSS via assertion consumer service URL in SAML POST-binding flow
* (CVE-2024-1132) keycloak: path transversal in redirection validation
* (CVE-2024-1249) keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS
* (CVE-2024-22259) springframework: URL Parsing with Host Validation
* (CVE-2022-41678) Apache ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE
* (CVE-2023-44981) zookeeper: Authorization Bypass in Apache ZooKeeper
* (CVE-2023-6378) logback: serialization vulnerability in logback receiver
* (CVE-2023-6481) logback: A serialization vulnerability in logback receiver
* (CVE-2024-29025) netty-codec-http: Allocation of Resources Without Limits or Throttling
* (CVE-2024-29131) commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
* (CVE-2024-29133) commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.\n\nThis release of Red Hat AMQ Broker 7.12.0 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2023-6717) keycloak: XSS via assertion consumer service URL in SAML POST-binding flow\n* (CVE-2024-1132) keycloak: path transversal in redirection validation\n* (CVE-2024-1249) keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS\n* (CVE-2024-22259) springframework: URL Parsing with Host Validation\n* (CVE-2022-41678) Apache ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE\n* (CVE-2023-44981) zookeeper: Authorization Bypass in Apache ZooKeeper\n* (CVE-2023-6378) logback: serialization vulnerability in logback receiver\n* (CVE-2023-6481) logback: A serialization vulnerability in logback receiver\n* (CVE-2024-29025) netty-codec-http: Allocation of Resources Without Limits or Throttling\n* (CVE-2024-29131) commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()\n* (CVE-2024-29133) commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:2945", "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.12.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.12.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.12", "url": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.12" }, { "category": "external", "summary": "2243436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243436" }, { "category": "external", "summary": "2252185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252185" }, { "category": "external", "summary": "2252230", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252230" }, { "category": "external", "summary": "2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "2253952", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952" }, { "category": "external", "summary": "2262117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262117" }, { "category": "external", "summary": "2262918", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262918" }, { "category": "external", "summary": "2269846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269846" }, { "category": "external", "summary": "2270673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270673" }, { "category": "external", "summary": "2270674", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270674" }, { "category": "external", "summary": "2272907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2945.json" } ], "title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update", "tracking": { "current_release_date": "2024-12-17T22:54:41+00:00", "generator": { "date": "2024-12-17T22:54:41+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:2945", "initial_release_date": "2024-05-21T14:18:30+00:00", "revision_history": [ { "date": "2024-05-21T14:18:30+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-05-21T14:18:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T22:54:41+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat AMQ Broker 7", "product": { "name": "Red Hat AMQ Broker 7", "product_id": "Red Hat AMQ Broker 7", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_broker:7.12" } } } ], "category": "product_family", "name": "Red Hat JBoss AMQ" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-41678", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2023-11-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252185" } ], "notes": [ { "category": "description", "text": "Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution.\u00a0\n\nIn details, in ActiveMQ configurations, jetty allows\norg.jolokia.http.AgentServlet to handler request to /api/jolokia\n\norg.jolokia.http.HttpRequestHandler#handlePostRequest is able to\ncreate JmxRequest through JSONObject. And calls to\norg.jolokia.http.HttpRequestHandler#executeRequest.\n\nInto deeper calling stacks,\norg.jolokia.handler.ExecHandler#doHandleRequest can be invoked\nthrough refection. This could lead to RCE through via\nvarious mbeans. One example is unrestricted deserialization in jdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11.\n\n1 Call newRecording.\n\n2 Call setConfiguration. And a webshell data hides in it.\n\n3 Call startRecording.\n\n4 Call copyTo method. The webshell will be written to a .jsp file.\n\nThe mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia.\nA more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0.\n", "title": "Vulnerability description" }, { "category": "summary", "text": "ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is considered moderate severity due to the requirement of authenticated access to exploit the flaw, significantly reducing the risk to systems that enforce strong authentication controls. While it does allow for remote code execution through Jolokia\u0027s request handling and Java Management Extensions (JMX), the exploitation pathway is complex and relies on specific conditions, such as the presence of Java 11 or higher and misconfigured or permissive Jolokia settings. an authenticated attacker to achieve remote code execution (RCE) within the ActiveMQ environment.Only an authenticated attacker to achieve remote code execution (RCE) within the ActiveMQ environment. In environments where authentication is well-managed and Jolokia is correctly configured or disabled, the likelihood of successful exploitation is reduced, mitigating the overall impact on system security.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41678" }, { "category": "external", "summary": "RHBZ#2252185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252185" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41678", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41678" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41678", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41678" } ], "release_date": "2023-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE" }, { "cve": "CVE-2023-6378", "cwe": { "id": "CWE-499", "name": "Serializable Class Containing Sensitive Data" }, "discovery_date": "2023-11-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252230" } ], "notes": [ { "category": "description", "text": "A flaw was found in the logback package, where it is vulnerable to a denial of service caused by a serialization flaw in the receiver component. By sending specially crafted poisoned data, a remote attacker can cause a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: serialization vulnerability in logback receiver", "title": "Vulnerability summary" }, { "category": "other", "text": "The Logback package vulnerability, posing a risk of denial-of-service through a serialization flaw in its receiver component, is considered a moderate issue due to its potential impact on system availability. While denial-of-service vulnerabilities can be disruptive, the severity is tempered by the fact that they generally do not result in unauthorized access or data compromise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6378" }, { "category": "external", "summary": "RHBZ#2252230", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252230" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6378", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6378", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6378" } ], "release_date": "2023-11-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: serialization vulnerability in logback receiver" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252956" } ], "notes": [ { "category": "description", "text": "A flaw was found in the logback package. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027) via the logback receiver component. This flaw allows an attacker to mount a denial-of-service attack by sending poisoned data.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: A serialization vulnerability in logback receiver", "title": "Vulnerability summary" }, { "category": "other", "text": "The security vulnerability in the logback package is considered of moderate severity due to its potential for facilitating a denial-of-service (DoS) attack. While a DoS attack can disrupt service availability, this vulnerability may not lead to more severe consequences such as unauthorized access or data breaches.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6481" }, { "category": "external", "summary": "RHBZ#2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6481", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481" } ], "release_date": "2023-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: A serialization vulnerability in logback receiver" }, { "cve": "CVE-2023-6717", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2023-12-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2253952" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: XSS via assertion consumer service URL in SAML POST-binding flow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6717" }, { "category": "external", "summary": "RHBZ#2253952", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6717", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6717" } ], "release_date": "2024-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: XSS via assertion consumer service URL in SAML POST-binding flow" }, { "cve": "CVE-2023-44981", "cwe": { "id": "CWE-639", "name": "Authorization Bypass Through User-Controlled Key" }, "discovery_date": "2023-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2243436" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache ZooKeeper. Authorization bypass through user-controlled key is available iff SASL Quorum Peer authentication is enabled in ZooKeeper via quorum.auth.enableSasl=true configuration. A malicious user could bypass the authentication controller by using a non-existing instance part in SASL authentication ID (which is optional), therefore, the server would skip this check and as a result, join the cluster and propagate information with complete read and write access.", "title": "Vulnerability description" }, { "category": "summary", "text": "zookeeper: Authorization Bypass in Apache ZooKeeper", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat AMQ 7 Broker and Red Hat AMQ Streams 2 use Zookeeper but do not use or enable the vulnerable functionality, Peer Authentication. They are affected at Moderate Impact by this flaw.\n\nRed Hat Fuse 7 uses Zookeeper but does not use any of its server capabilities and as such is not vulnerable, and so is affected at Low Impact by this flaw.\n\nRed Hat Process Automation Manager 7 and Red Hat Decision Manager 7 do not ship zookeeper, and so are not affected by this flaw.\n\nRed Hat Fuse 6 and AMQ 6 use Zookeeper but are not vulnerable to this flaw, and have been assessed as Important Impact and are as such out of security support scope for this flaw.\n\nRed Hat Business Process Manager Suite 6, Red Hat Business Rules Management Suite 6, Red Hat JBoss Data Virtualization 6, Red Hat OpenShift Application Runtime Vert-x, and Red Hat Fuse Service Works 6 are out of security support scope for this flaw.\n\nAs no Red Hat products are affected at Critical Impact by this flaw, its overall impact has been reduced to Important.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-44981" }, { "category": "external", "summary": "RHBZ#2243436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243436" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44981", "url": "https://www.cve.org/CVERecord?id=CVE-2023-44981" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44981", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44981" }, { "category": "external", "summary": "https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b", "url": "https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b" } ], "release_date": "2023-10-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "According to Apache\u0027s document: Ensure the ensemble election/quorum communication is protected by a firewall as this will mitigate the issue.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "zookeeper: Authorization Bypass in Apache ZooKeeper" }, { "acknowledgments": [ { "names": [ "Axel Flamcourt" ] } ], "cve": "CVE-2024-1132", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2024-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2262117" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: path transversal in redirection validation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Build of Quarkus is not impacted as this CVE affects the server-side Keycloak execution, but Quarkus only acts as a Keycloak client in its quarkus-keycloak-authorization extension. For this reason, Quarkus is marked as having a Low impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-1132" }, { "category": "external", "summary": "RHBZ#2262117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262117" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1132", "url": "https://www.cve.org/CVERecord?id=CVE-2024-1132" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1132", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1132" } ], "release_date": "2024-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "No current mitigation is available for this vulnerability.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak: path transversal in redirection validation" }, { "acknowledgments": [ { "names": [ "Adriano M\u00e1rcio Monteiro" ] } ], "cve": "CVE-2024-1249", "cwe": { "id": "CWE-346", "name": "Origin Validation Error" }, "discovery_date": "2024-02-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2262918" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak\u0027s OIDC component in the \"checkLoginIframe,\" which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application\u0027s availability without proper origin validation for incoming messages.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability in Keycloak\u0027s OIDC component allowing unvalidated cross-origin messages in the \"checkLoginIframe\" function represents an important severity issue due to its potential to cause significant disruption and resource exhaustion. Exploitation of this flaw can lead to a Denial of Service (DoS) condition, where malicious actors can overwhelm the server with a high volume of requests, impacting availability for legitimate users. The absence of proper origin validation means attackers can exploit this weakness relatively easily, leveraging automated scripts to flood the server within seconds.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-1249" }, { "category": "external", "summary": "RHBZ#2262918", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262918" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1249", "url": "https://www.cve.org/CVERecord?id=CVE-2024-1249" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1249", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1249" } ], "release_date": "2024-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS" }, { "cve": "CVE-2024-22259", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2024-03-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2269846" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Spring Framework. Affected versions of this package are vulnerable to an Open Redirect when using UriComponentsBuilder to parse an externally provided URL and perform validation checks on the host of the parsed URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "springframework: URL Parsing with Host Validation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-22259" }, { "category": "external", "summary": "RHBZ#2269846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22259", "url": "https://www.cve.org/CVERecord?id=CVE-2024-22259" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22259", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22259" }, { "category": "external", "summary": "https://spring.io/security/cve-2024-22259", "url": "https://spring.io/security/cve-2024-22259" } ], "release_date": "2024-03-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "springframework: URL Parsing with Host Validation" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272907" } ], "notes": [ { "category": "description", "text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec-http: Allocation of Resources Without Limits or Throttling", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-29025" }, { "category": "external", "summary": "RHBZ#2272907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025" }, { "category": "external", "summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3", "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3" }, { "category": "external", "summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c", "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v", "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812", "url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812" } ], "release_date": "2024-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty-codec-http: Allocation of Resources Without Limits or Throttling" }, { "cve": "CVE-2024-29131", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2024-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270674" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator(). This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method.", "title": "Vulnerability description" }, { "category": "summary", "text": "commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-29131" }, { "category": "external", "summary": "RHBZ#2270674", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270674" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29131", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29131" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29131", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29131" }, { "category": "external", "summary": "https://github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554", "url": "https://github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554" }, { "category": "external", "summary": "https://github.com/apache/commons-configuration/commit/7d7d399d0598cb0ca5f81891de34694178156dab", "url": "https://github.com/apache/commons-configuration/commit/7d7d399d0598cb0ca5f81891de34694178156dab" }, { "category": "external", "summary": "https://issues.apache.org/jira/browse/CONFIGURATION-840", "url": "https://issues.apache.org/jira/browse/CONFIGURATION-840" } ], "release_date": "2024-03-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()" }, { "cve": "CVE-2024-29133", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2024-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270673" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Broker 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-29133" }, { "category": "external", "summary": "RHBZ#2270673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270673" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29133", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29133" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133" }, { "category": "external", "summary": "https://github.com/apache/commons-configuration/commit/43f4dab021e9acb8db390db2ae80aa0cee4f9ee4", "url": "https://github.com/apache/commons-configuration/commit/43f4dab021e9acb8db390db2ae80aa0cee4f9ee4" }, { "category": "external", "summary": "https://issues.apache.org/jira/browse/CONFIGURATION-841", "url": "https://issues.apache.org/jira/browse/CONFIGURATION-841" } ], "release_date": "2024-03-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-21T14:18:30+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat AMQ Broker 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Broker 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat AMQ Broker 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree" } ] }
rhsa-2024_1353
Vulnerability from csaf_redhat
Published
2024-03-18 09:47
Modified
2024-12-17 23:03
Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.5 security update
Notes
Topic
An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which provides a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Details
Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This asynchronous security patch is an update to Red Hat Process Automation Manager 7.
Security Fixes:
* JSON-java: parser confusion leads to OOM (CVE-2023-5072)
* okio: GzipSource class improper exception handling (CVE-2023-3635)
* xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow (CVE-2022-41966)
* batik: Server-Side Request Forgery vulnerability (CVE-2022-44729)
* batik: Server-Side Request Forgery vulnerability (CVE-2022-44730)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which provides a detailed severity rating, is available for each vulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis asynchronous security patch is an update to Red Hat Process Automation Manager 7.\n\nSecurity Fixes:\n\n* JSON-java: parser confusion leads to OOM (CVE-2023-5072)\n\n* okio: GzipSource class improper exception handling (CVE-2023-3635)\n\n* xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow (CVE-2022-41966)\n\n* batik: Server-Side Request Forgery vulnerability (CVE-2022-44729)\n\n* batik: Server-Side Request Forgery vulnerability (CVE-2022-44730)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)\n\n* RESTEasy: creation of insecure temp files (CVE-2023-0482)\n\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1353", "url": "https://access.redhat.com/errata/RHSA-2024:1353" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2134292", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292" }, { "category": "external", "summary": "2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "2166004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004" }, { "category": "external", "summary": "2170431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431" }, { "category": "external", "summary": "2215465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465" }, { "category": "external", "summary": "2229295", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229295" }, { "category": "external", "summary": "2233889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233889" }, { "category": "external", "summary": "2233899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233899" }, { "category": "external", "summary": "2246417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246417" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1353.json" } ], "title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.5 security update", "tracking": { "current_release_date": "2024-12-17T23:03:00+00:00", "generator": { "date": "2024-12-17T23:03:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:1353", "initial_release_date": "2024-03-18T09:47:51+00:00", "revision_history": [ { "date": "2024-03-18T09:47:51+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-18T09:47:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T23:03:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHPAM 7.13.5 async", "product": { "name": "RHPAM 7.13.5 async", "product_id": "RHPAM 7.13.5 async", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13" } } } ], "category": "product_family", "name": "Red Hat Process Automation Manager" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-12-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150009" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).", "title": "Vulnerability description" }, { "category": "summary", "text": "SnakeYaml: Constructor Deserialization Remote Code Execution", "title": "Vulnerability summary" }, { "category": "other", "text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1471" }, { "category": "external", "summary": "RHBZ#2150009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471" }, { "category": "external", "summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2", "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" } ], "release_date": "2022-10-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "SnakeYaml: Constructor Deserialization Remote Code Execution" }, { "cve": "CVE-2022-40151", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134292" } ], "notes": [ { "category": "description", "text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40151" }, { "category": "external", "summary": "RHBZ#2134292", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40151", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40151" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151" } ], "release_date": "2022-09-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks" }, { "cve": "CVE-2022-41966", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2023-02-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170431" } ], "notes": [ { "category": "description", "text": "A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Fuse 7 ships an affected version of XStream. No endpoint in any flavor of Fuse is accepting by default an unverified input stream passed directly to XStream unmarshaller. Documentation always recommend all the endpoints (TCP/UDP/HTTP(S)/other listeners) to have at least one layer of authentication/authorization and Fuse in general itself in particular has a lot of mechanisms to protect the endpoints.\n\nRed Hat Single Sign-On contains XStream as a transitive dependency from Infinispan and the same is not affected as NO_REFERENCE is in use.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41966" }, { "category": "external", "summary": "RHBZ#2170431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41966", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41966" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966" }, { "category": "external", "summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv", "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv" } ], "release_date": "2022-12-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow" }, { "cve": "CVE-2022-44729", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2023-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2233889" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Batik 1.0 - 1.16. This issue occurs due to a malicious SVG triggering external resources loading by default, causing resource consumption or in some cases information disclosure.", "title": "Vulnerability description" }, { "category": "summary", "text": "batik: Server-Side Request Forgery vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-44729" }, { "category": "external", "summary": "RHBZ#2233889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233889" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-44729", "url": "https://www.cve.org/CVERecord?id=CVE-2022-44729" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-44729", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44729" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gq5f-xv48-2365", "url": "https://github.com/advisories/GHSA-gq5f-xv48-2365" }, { "category": "external", "summary": "https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2", "url": "https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2" } ], "release_date": "2023-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "batik: Server-Side Request Forgery vulnerability" }, { "cve": "CVE-2022-44730", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2023-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2233899" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Batik, where a malicious SVG can probe user profile data and send it directly as parameter to a URL. This issue can allow an attacker to conduct SSRF attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "batik: Server-Side Request Forgery vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-44730" }, { "category": "external", "summary": "RHBZ#2233899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233899" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-44730", "url": "https://www.cve.org/CVERecord?id=CVE-2022-44730" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-44730", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44730" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-2474-2566-3qxp", "url": "https://github.com/advisories/GHSA-2474-2566-3qxp" }, { "category": "external", "summary": "https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0", "url": "https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0" } ], "release_date": "2023-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "batik: Server-Side Request Forgery vulnerability" }, { "cve": "CVE-2023-0482", "cwe": { "id": "CWE-378", "name": "Creation of Temporary File With Insecure Permissions" }, "discovery_date": "2023-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2166004" } ], "notes": [ { "category": "description", "text": "In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.", "title": "Vulnerability description" }, { "category": "summary", "text": "RESTEasy: creation of insecure temp files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0482" }, { "category": "external", "summary": "RHBZ#2166004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0482", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0482" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482" } ], "release_date": "2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "RESTEasy: creation of insecure temp files" }, { "cve": "CVE-2023-3635", "cwe": { "id": "CWE-248", "name": "Uncaught Exception" }, "discovery_date": "2023-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2229295" } ], "notes": [ { "category": "description", "text": "A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "okio: GzipSource class improper exception handling", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat JBoss Enterprise Application Platform XP does contain Okio package but is not using GzipSource.java, which is the affected class.\nRed Hat support for Spring Boot is considered low impact as it\u0027s used by Dekorate during compilation process and not included in the resulting Jar.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3635" }, { "category": "external", "summary": "RHBZ#2229295", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229295" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3635", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3635" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3635", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3635" } ], "release_date": "2023-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "okio: GzipSource class improper exception handling" }, { "cve": "CVE-2023-5072", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-10-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2246417" } ], "notes": [ { "category": "description", "text": "A flaw was found in the org.json package. A bug in the parser exists, and an input string may lead to undefined usage of memory, leading to an out-of-memory error, causing a denial of service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "JSON-java: parser confusion leads to OOM", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability may cause denial of service with a small string input, causing the server to be unresponsive easily, hence the Important impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-5072" }, { "category": "external", "summary": "RHBZ#2246417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246417" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5072", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5072" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5072", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5072" }, { "category": "external", "summary": "https://github.com/stleary/JSON-java/issues/758", "url": "https://github.com/stleary/JSON-java/issues/758" }, { "category": "external", "summary": "https://github.com/stleary/JSON-java/issues/771", "url": "https://github.com/stleary/JSON-java/issues/771" } ], "release_date": "2023-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" }, { "category": "workaround", "details": "No current mitigation is available for this flaw.", "product_ids": [ "RHPAM 7.13.5 async" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JSON-java: parser confusion leads to OOM" }, { "cve": "CVE-2023-6481", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2252956" } ], "notes": [ { "category": "description", "text": "A flaw was found in the logback package. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027) via the logback receiver component. This flaw allows an attacker to mount a denial-of-service attack by sending poisoned data.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: A serialization vulnerability in logback receiver", "title": "Vulnerability summary" }, { "category": "other", "text": "The security vulnerability in the logback package is considered of moderate severity due to its potential for facilitating a denial-of-service (DoS) attack. While a DoS attack can disrupt service availability, this vulnerability may not lead to more severe consequences such as unauthorized access or data breaches.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6481" }, { "category": "external", "summary": "RHBZ#2252956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6481", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481" } ], "release_date": "2023-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "RHPAM 7.13.5 async" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: A serialization vulnerability in logback receiver" }, { "cve": "CVE-2023-6717", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2023-12-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2253952" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: XSS via assertion consumer service URL in SAML POST-binding flow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6717" }, { "category": "external", "summary": "RHBZ#2253952", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6717", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6717" } ], "release_date": "2024-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: XSS via assertion consumer service URL in SAML POST-binding flow" }, { "cve": "CVE-2023-33201", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2023-06-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2215465" } ], "notes": [ { "category": "description", "text": "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", "title": "Vulnerability description" }, { "category": "summary", "text": "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHPAM 7.13.5 async" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-33201" }, { "category": "external", "summary": "RHBZ#2215465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33201", "url": "https://www.cve.org/CVERecord?id=CVE-2023-33201" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201" }, { "category": "external", "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201" } ], "release_date": "2023-06-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-18T09:47:51+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHPAM 7.13.5 async" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1353" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "RHPAM 7.13.5 async" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bouncycastle: potential blind LDAP injection attack using a self-signed certificate" } ] }
WID-SEC-W-2024-0519
Vulnerability from csaf_certbund
Published
2024-02-29 23:00
Modified
2024-02-29 23:00
Summary
IBM Maximo Asset Management: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support für Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.
Angriff
Ein Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support f\u00fcr Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0519 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0519.json" }, { "category": "self", "summary": "WID-SEC-2024-0519 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0519" }, { "category": "external", "summary": "IBM Security Bulletin 7127403 vom 2024-02-29", "url": "https://www.ibm.com/support/pages/node/7127403" }, { "category": "external", "summary": "IBM Security Bulletin 7127436 vom 2024-02-29", "url": "https://www.ibm.com/support/pages/node/7127436" } ], "source_lang": "en-US", "title": "IBM Maximo Asset Management: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-29T23:00:00.000+00:00", "generator": { "date": "2024-03-01T09:02:07.009+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0519", "initial_release_date": "2024-02-29T23:00:00.000+00:00", "revision_history": [ { "date": "2024-02-29T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 7.6.1.3", "product": { "name": "IBM Maximo Asset Management \u003c 7.6.1.3", "product_id": "T033195", "product_identification_helper": { "cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.3" } } } ], "category": "product_name", "name": "Maximo Asset Management" } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-6481", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-6481" }, { "cve": "CVE-2023-6378", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-6378" }, { "cve": "CVE-2023-44487", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-44487" }, { "cve": "CVE-2023-34462", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-34462" }, { "cve": "CVE-2022-41915", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2022-41915" }, { "cve": "CVE-2022-41881", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2022-41881" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-42550" } ] }
wid-sec-w-2024-0101
Vulnerability from csaf_certbund
Published
2024-01-15 23:00
Modified
2024-02-20 23:00
Summary
Atlassian Bitbucket: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Atlassian Bitbucket ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder Request-Smuggling-Angriffe durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Atlassian Bitbucket ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder Request-Smuggling-Angriffe durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0101 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0101.json" }, { "category": "self", "summary": "WID-SEC-2024-0101 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0101" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19100" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19099" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19098" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19097" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19096" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19095" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19094" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19044" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19037" }, { "category": "external", "summary": "Atlassian Security Bulletin Februar 2024", "url": "https://confluence.atlassian.com/security/security-bulletin-february-20-2024-1354501606.html" } ], "source_lang": "en-US", "title": "Atlassian Bitbucket: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-20T23:00:00.000+00:00", "generator": { "date": "2024-02-21T11:06:09.542+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0101", "initial_release_date": "2024-01-15T23:00:00.000+00:00", "revision_history": [ { "date": "2024-01-15T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-02-20T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 8.17.0", "product": { "name": "Atlassian Bitbucket \u003c 8.17.0", "product_id": "T032065", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.17.0" } } }, { "category": "product_version_range", "name": "\u003c 8.16.2", "product": { "name": "Atlassian Bitbucket \u003c 8.16.2", "product_id": "T032066", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.16.2" } } }, { "category": "product_version_range", "name": "\u003c 8.9.9", "product": { "name": "Atlassian Bitbucket \u003c 8.9.9", "product_id": "T032067", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.9.9" } } }, { "category": "product_version_range", "name": "\u003c 8.13.5", "product": { "name": "Atlassian Bitbucket \u003c 8.13.5", "product_id": "T032068", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.13.5" } } }, { "category": "product_version_range", "name": "\u003c 8.14.4", "product": { "name": "Atlassian Bitbucket \u003c 8.14.4", "product_id": "T032069", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.14.4" } } }, { "category": "product_version_range", "name": "\u003c 8.15.3", "product": { "name": "Atlassian Bitbucket \u003c 8.15.3", "product_id": "T032070", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.15.3" } } }, { "category": "product_version_range", "name": "\u003c 7.21.21", "product": { "name": "Atlassian Bitbucket \u003c 7.21.21", "product_id": "T032071", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:7.21.21" } } } ], "category": "product_name", "name": "Bitbucket" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 7.19.18", "product": { "name": "Atlassian Confluence \u003c 7.19.18", "product_id": "T032051", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:7.19.18" } } }, { "category": "product_version_range", "name": "\u003c 8.5.5", "product": { "name": "Atlassian Confluence \u003c 8.5.5", "product_id": "T032052", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.5.5" } } }, { "category": "product_version_range", "name": "\u003c 8.7.2", "product": { "name": "Atlassian Confluence \u003c 8.7.2", "product_id": "T032053", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.7.2" } } }, { "category": "product_version_range", "name": "\u003c 8.8.0", "product": { "name": "Atlassian Confluence \u003c 8.8.0", "product_id": "T033011", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.8.0" } } } ], "category": "product_name", "name": "Confluence" } ], "category": "vendor", "name": "Atlassian" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-6481", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-6481" }, { "cve": "CVE-2023-6378", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-6378" }, { "cve": "CVE-2023-5072", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-5072" }, { "cve": "CVE-2023-46589", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-46589" }, { "cve": "CVE-2023-43642", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-43642" }, { "cve": "CVE-2023-36478", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-36478" }, { "cve": "CVE-2023-34455", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-34455" }, { "cve": "CVE-2023-34454", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-34454" }, { "cve": "CVE-2023-34453", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-34453" } ] }
WID-SEC-W-2024-0101
Vulnerability from csaf_certbund
Published
2024-01-15 23:00
Modified
2024-02-20 23:00
Summary
Atlassian Bitbucket: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Atlassian Bitbucket ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder Request-Smuggling-Angriffe durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Atlassian Bitbucket ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder Request-Smuggling-Angriffe durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0101 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0101.json" }, { "category": "self", "summary": "WID-SEC-2024-0101 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0101" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19100" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19099" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19098" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19097" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19096" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19095" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19094" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19044" }, { "category": "external", "summary": "Atlassian Security Advisory vom 2024-01-15", "url": "https://jira.atlassian.com/browse/BSERV-19037" }, { "category": "external", "summary": "Atlassian Security Bulletin Februar 2024", "url": "https://confluence.atlassian.com/security/security-bulletin-february-20-2024-1354501606.html" } ], "source_lang": "en-US", "title": "Atlassian Bitbucket: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-20T23:00:00.000+00:00", "generator": { "date": "2024-02-21T11:06:09.542+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0101", "initial_release_date": "2024-01-15T23:00:00.000+00:00", "revision_history": [ { "date": "2024-01-15T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-02-20T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 8.17.0", "product": { "name": "Atlassian Bitbucket \u003c 8.17.0", "product_id": "T032065", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.17.0" } } }, { "category": "product_version_range", "name": "\u003c 8.16.2", "product": { "name": "Atlassian Bitbucket \u003c 8.16.2", "product_id": "T032066", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.16.2" } } }, { "category": "product_version_range", "name": "\u003c 8.9.9", "product": { "name": "Atlassian Bitbucket \u003c 8.9.9", "product_id": "T032067", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.9.9" } } }, { "category": "product_version_range", "name": "\u003c 8.13.5", "product": { "name": "Atlassian Bitbucket \u003c 8.13.5", "product_id": "T032068", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.13.5" } } }, { "category": "product_version_range", "name": "\u003c 8.14.4", "product": { "name": "Atlassian Bitbucket \u003c 8.14.4", "product_id": "T032069", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.14.4" } } }, { "category": "product_version_range", "name": "\u003c 8.15.3", "product": { "name": "Atlassian Bitbucket \u003c 8.15.3", "product_id": "T032070", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:8.15.3" } } }, { "category": "product_version_range", "name": "\u003c 7.21.21", "product": { "name": "Atlassian Bitbucket \u003c 7.21.21", "product_id": "T032071", "product_identification_helper": { "cpe": "cpe:/a:atlassian:bitbucket:7.21.21" } } } ], "category": "product_name", "name": "Bitbucket" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 7.19.18", "product": { "name": "Atlassian Confluence \u003c 7.19.18", "product_id": "T032051", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:7.19.18" } } }, { "category": "product_version_range", "name": "\u003c 8.5.5", "product": { "name": "Atlassian Confluence \u003c 8.5.5", "product_id": "T032052", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.5.5" } } }, { "category": "product_version_range", "name": "\u003c 8.7.2", "product": { "name": "Atlassian Confluence \u003c 8.7.2", "product_id": "T032053", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.7.2" } } }, { "category": "product_version_range", "name": "\u003c 8.8.0", "product": { "name": "Atlassian Confluence \u003c 8.8.0", "product_id": "T033011", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.8.0" } } } ], "category": "product_name", "name": "Confluence" } ], "category": "vendor", "name": "Atlassian" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-6481", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-6481" }, { "cve": "CVE-2023-6378", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-6378" }, { "cve": "CVE-2023-5072", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-5072" }, { "cve": "CVE-2023-46589", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-46589" }, { "cve": "CVE-2023-43642", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-43642" }, { "cve": "CVE-2023-36478", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-36478" }, { "cve": "CVE-2023-34455", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-34455" }, { "cve": "CVE-2023-34454", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-34454" }, { "cve": "CVE-2023-34453", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Atlassian Bitbucket. Diese Fehler bestehen in mehreren Komponenten von Drittanbietern aufgrund von mehreren sicherheitsrelevanten Problemen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszul\u00f6sen oder Request Smuggling-Angriffe durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T032052", "T032053", "T032051", "T033011" ] }, "release_date": "2024-01-15T23:00:00Z", "title": "CVE-2023-34453" } ] }
WID-SEC-W-2023-3050
Vulnerability from csaf_certbund
Published
2023-12-03 23:00
Modified
2024-05-23 22:00
Summary
Logback: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Logback ist der Nachfolger des populären log4j-Projekts und stellt eine Java Logging API zur Verfügung.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Logback ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Logback ist der Nachfolger des popul\u00e4ren log4j-Projekts und stellt eine Java Logging API zur Verf\u00fcgung.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Logback ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-3050 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3050.json" }, { "category": "self", "summary": "WID-SEC-2023-3050 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3050" }, { "category": "external", "summary": "IBM Security Bulletin 7110836 vom 2024-01-24", "url": "https://www.ibm.com/support/pages/node/7110836" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0793 vom 2024-02-12", "url": "https://access.redhat.com/errata/RHSA-2024:0793" }, { "category": "external", "summary": "Camunda Security Notices", "url": "https://docs.camunda.org/security/notices/#notice-102" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0843 vom 2024-02-15", "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "external", "summary": "Atlassian Security Bulletin Februar 2024", "url": "https://confluence.atlassian.com/security/security-bulletin-february-20-2024-1354501606.html" }, { "category": "external", "summary": "GitHub Advisory Database vom 2023-12-03", "url": "https://github.com/advisories/GHSA-gm62-rw4g-vrc4" }, { "category": "external", "summary": "NIST Vulnerability Database vom 2023-12-03", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481" }, { "category": "external", "summary": "IBM Security Bulletin", "url": "https://www.ibm.com/support/pages/node/7144911" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2945 vom 2024-05-21", "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3354 vom 2024-05-24", "url": "https://access.redhat.com/errata/RHSA-2024:3354" } ], "source_lang": "en-US", "title": "Logback: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2024-05-23T22:00:00.000+00:00", "generator": { "date": "2024-05-24T08:08:43.144+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-3050", "initial_release_date": "2023-12-03T23:00:00.000+00:00", "revision_history": [ { "date": "2023-12-03T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-01-24T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-02-12T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-15T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-20T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates aufgenommen" }, { "date": "2024-03-24T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-05-21T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-05-23T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "8" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c7.19.18", "product": { "name": "Atlassian Confluence \u003c7.19.18", "product_id": "T032051", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:7.19.18" } } }, { "category": "product_version_range", "name": "\u003c8.5.5", "product": { "name": "Atlassian Confluence \u003c8.5.5", "product_id": "T032052", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.5.5" } } }, { "category": "product_version_range", "name": "\u003c8.7.2", "product": { "name": "Atlassian Confluence \u003c8.7.2", "product_id": "T032053", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.7.2" } } }, { "category": "product_version_range", "name": "\u003c8.8.0", "product": { "name": "Atlassian Confluence \u003c8.8.0", "product_id": "T033011", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.8.0" } } } ], "category": "product_name", "name": "Confluence" } ], "category": "vendor", "name": "Atlassian" }, { "branches": [ { "category": "product_name", "name": "IBM Business Automation Workflow", "product": { "name": "IBM Business Automation Workflow", "product_id": "T024465", "product_identification_helper": { "cpe": "cpe:/a:ibm:business_automation_workflow:traditional" } } }, { "branches": [ { "category": "product_version", "name": "8.1", "product": { "name": "IBM Spectrum Protect 8.1", "product_id": "T010033", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect:8.1" } } } ], "category": "product_name", "name": "Spectrum Protect" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c7.21.0-alpha3", "product": { "name": "Open Source Camunda \u003c7.21.0-alpha3", "product_id": "T032703", "product_identification_helper": { "cpe": "cpe:/a:camunda:camunda:7.21.0-alpha3" } } }, { "category": "product_version_range", "name": "\u003c7.20.3", "product": { "name": "Open Source Camunda \u003c7.20.3", "product_id": "T032704", "product_identification_helper": { "cpe": "cpe:/a:camunda:camunda:7.20.3" } } }, { "category": "product_version_range", "name": "\u003c7.19.10", "product": { "name": "Open Source Camunda \u003c7.19.10", "product_id": "T032705", "product_identification_helper": { "cpe": "cpe:/a:camunda:camunda:7.19.10" } } }, { "category": "product_version_range", "name": "\u003c7.18.14", "product": { "name": "Open Source Camunda \u003c7.18.14", "product_id": "T032706", "product_identification_helper": { "cpe": "cpe:/a:camunda:camunda:7.18.14" } } } ], "category": "product_name", "name": "Camunda" }, { "branches": [ { "category": "product_version", "name": "1.4.13", "product": { "name": "Open Source Logback 1.4.13", "product_id": "T031447", "product_identification_helper": { "cpe": "cpe:/a:logback:logback:1.4.13" } } }, { "category": "product_version", "name": "1.3.13", "product": { "name": "Open Source Logback 1.3.13", "product_id": "T031448", "product_identification_helper": { "cpe": "cpe:/a:logback:logback:1.3.13" } } }, { "category": "product_version", "name": "1.2.12", "product": { "name": "Open Source Logback 1.2.12", "product_id": "T031449", "product_identification_helper": { "cpe": "cpe:/a:logback:logback:1.2.12" } } } ], "category": "product_name", "name": "Logback" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "branches": [ { "category": "product_version_range", "name": "Broker \u003c7.12.0", "product": { "name": "Red Hat JBoss A-MQ Broker \u003c7.12.0", "product_id": "T034934", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:broker__7.12.0" } } } ], "category": "product_name", "name": "JBoss A-MQ" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-6481", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Logback. Dieser Fehler besteht in der Empf\u00e4ngerkomponente aufgrund eines Serialisierungsproblems. Durch das Senden von manipulierten Daten kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen." } ], "product_status": { "known_affected": [ "T031447", "67646", "T032703", "T031449", "T034934", "T031448", "T010033", "T032052", "T032053", "T032051", "T033011", "T024465", "T032706", "T032704", "T032705" ] }, "release_date": "2023-12-03T23:00:00Z", "title": "CVE-2023-6481" } ] }
wid-sec-w-2024-0519
Vulnerability from csaf_certbund
Published
2024-02-29 23:00
Modified
2024-02-29 23:00
Summary
IBM Maximo Asset Management: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support für Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.
Angriff
Ein Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support f\u00fcr Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0519 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0519.json" }, { "category": "self", "summary": "WID-SEC-2024-0519 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0519" }, { "category": "external", "summary": "IBM Security Bulletin 7127403 vom 2024-02-29", "url": "https://www.ibm.com/support/pages/node/7127403" }, { "category": "external", "summary": "IBM Security Bulletin 7127436 vom 2024-02-29", "url": "https://www.ibm.com/support/pages/node/7127436" } ], "source_lang": "en-US", "title": "IBM Maximo Asset Management: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-29T23:00:00.000+00:00", "generator": { "date": "2024-03-01T09:02:07.009+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0519", "initial_release_date": "2024-02-29T23:00:00.000+00:00", "revision_history": [ { "date": "2024-02-29T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 7.6.1.3", "product": { "name": "IBM Maximo Asset Management \u003c 7.6.1.3", "product_id": "T033195", "product_identification_helper": { "cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.3" } } } ], "category": "product_name", "name": "Maximo Asset Management" } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-6481", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-6481" }, { "cve": "CVE-2023-6378", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-6378" }, { "cve": "CVE-2023-44487", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-44487" }, { "cve": "CVE-2023-34462", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-34462" }, { "cve": "CVE-2022-41915", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2022-41915" }, { "cve": "CVE-2022-41881", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2022-41881" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren." } ], "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-42550" } ] }
wid-sec-w-2023-3050
Vulnerability from csaf_certbund
Published
2023-12-03 23:00
Modified
2024-05-23 22:00
Summary
Logback: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Logback ist der Nachfolger des populären log4j-Projekts und stellt eine Java Logging API zur Verfügung.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Logback ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Logback ist der Nachfolger des popul\u00e4ren log4j-Projekts und stellt eine Java Logging API zur Verf\u00fcgung.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Logback ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-3050 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3050.json" }, { "category": "self", "summary": "WID-SEC-2023-3050 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3050" }, { "category": "external", "summary": "IBM Security Bulletin 7110836 vom 2024-01-24", "url": "https://www.ibm.com/support/pages/node/7110836" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0793 vom 2024-02-12", "url": "https://access.redhat.com/errata/RHSA-2024:0793" }, { "category": "external", "summary": "Camunda Security Notices", "url": "https://docs.camunda.org/security/notices/#notice-102" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0843 vom 2024-02-15", "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "external", "summary": "Atlassian Security Bulletin Februar 2024", "url": "https://confluence.atlassian.com/security/security-bulletin-february-20-2024-1354501606.html" }, { "category": "external", "summary": "GitHub Advisory Database vom 2023-12-03", "url": "https://github.com/advisories/GHSA-gm62-rw4g-vrc4" }, { "category": "external", "summary": "NIST Vulnerability Database vom 2023-12-03", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481" }, { "category": "external", "summary": "IBM Security Bulletin", "url": "https://www.ibm.com/support/pages/node/7144911" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2945 vom 2024-05-21", "url": "https://access.redhat.com/errata/RHSA-2024:2945" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3354 vom 2024-05-24", "url": "https://access.redhat.com/errata/RHSA-2024:3354" } ], "source_lang": "en-US", "title": "Logback: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2024-05-23T22:00:00.000+00:00", "generator": { "date": "2024-05-24T08:08:43.144+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-3050", "initial_release_date": "2023-12-03T23:00:00.000+00:00", "revision_history": [ { "date": "2023-12-03T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-01-24T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-02-12T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-15T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-20T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates aufgenommen" }, { "date": "2024-03-24T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-05-21T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-05-23T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "8" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c7.19.18", "product": { "name": "Atlassian Confluence \u003c7.19.18", "product_id": "T032051", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:7.19.18" } } }, { "category": "product_version_range", "name": "\u003c8.5.5", "product": { "name": "Atlassian Confluence \u003c8.5.5", "product_id": "T032052", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.5.5" } } }, { "category": "product_version_range", "name": "\u003c8.7.2", "product": { "name": "Atlassian Confluence \u003c8.7.2", "product_id": "T032053", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.7.2" } } }, { "category": "product_version_range", "name": "\u003c8.8.0", "product": { "name": "Atlassian Confluence \u003c8.8.0", "product_id": "T033011", "product_identification_helper": { "cpe": "cpe:/a:atlassian:confluence:8.8.0" } } } ], "category": "product_name", "name": "Confluence" } ], "category": "vendor", "name": "Atlassian" }, { "branches": [ { "category": "product_name", "name": "IBM Business Automation Workflow", "product": { "name": "IBM Business Automation Workflow", "product_id": "T024465", "product_identification_helper": { "cpe": "cpe:/a:ibm:business_automation_workflow:traditional" } } }, { "branches": [ { "category": "product_version", "name": "8.1", "product": { "name": "IBM Spectrum Protect 8.1", "product_id": "T010033", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect:8.1" } } } ], "category": "product_name", "name": "Spectrum Protect" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c7.21.0-alpha3", "product": { "name": "Open Source Camunda \u003c7.21.0-alpha3", "product_id": "T032703", "product_identification_helper": { "cpe": "cpe:/a:camunda:camunda:7.21.0-alpha3" } } }, { "category": "product_version_range", "name": "\u003c7.20.3", "product": { "name": "Open Source Camunda \u003c7.20.3", "product_id": "T032704", "product_identification_helper": { "cpe": "cpe:/a:camunda:camunda:7.20.3" } } }, { "category": "product_version_range", "name": "\u003c7.19.10", "product": { "name": "Open Source Camunda \u003c7.19.10", "product_id": "T032705", "product_identification_helper": { "cpe": "cpe:/a:camunda:camunda:7.19.10" } } }, { "category": "product_version_range", "name": "\u003c7.18.14", "product": { "name": "Open Source Camunda \u003c7.18.14", "product_id": "T032706", "product_identification_helper": { "cpe": "cpe:/a:camunda:camunda:7.18.14" } } } ], "category": "product_name", "name": "Camunda" }, { "branches": [ { "category": "product_version", "name": "1.4.13", "product": { "name": "Open Source Logback 1.4.13", "product_id": "T031447", "product_identification_helper": { "cpe": "cpe:/a:logback:logback:1.4.13" } } }, { "category": "product_version", "name": "1.3.13", "product": { "name": "Open Source Logback 1.3.13", "product_id": "T031448", "product_identification_helper": { "cpe": "cpe:/a:logback:logback:1.3.13" } } }, { "category": "product_version", "name": "1.2.12", "product": { "name": "Open Source Logback 1.2.12", "product_id": "T031449", "product_identification_helper": { "cpe": "cpe:/a:logback:logback:1.2.12" } } } ], "category": "product_name", "name": "Logback" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "branches": [ { "category": "product_version_range", "name": "Broker \u003c7.12.0", "product": { "name": "Red Hat JBoss A-MQ Broker \u003c7.12.0", "product_id": "T034934", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:broker__7.12.0" } } } ], "category": "product_name", "name": "JBoss A-MQ" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-6481", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Logback. Dieser Fehler besteht in der Empf\u00e4ngerkomponente aufgrund eines Serialisierungsproblems. Durch das Senden von manipulierten Daten kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen." } ], "product_status": { "known_affected": [ "T031447", "67646", "T032703", "T031449", "T034934", "T031448", "T010033", "T032052", "T032053", "T032051", "T033011", "T024465", "T032706", "T032704", "T032705" ] }, "release_date": "2023-12-03T23:00:00Z", "title": "CVE-2023-6481" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.