Action not permitted
Modal body text goes here.
cve-2024-31989
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:argoproj:argo-cd:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "argo-cd", "vendor": "argoproj", "versions": [ { "lessThanOrEqual": "2.8.18", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "2.9.14", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "2.10.9", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "2.11.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-31989", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T14:51:59.350454Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T17:10:15.062Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:59:50.839Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr" }, { "name": "https://github.com/argoproj/argo-cd/commit/2de0ceade243039c120c28374016c04ff9590d1d", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/commit/2de0ceade243039c120c28374016c04ff9590d1d" }, { "name": "https://github.com/argoproj/argo-cd/commit/35a7d6c7fa1534aceba763d6a68697f36c12e678", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/commit/35a7d6c7fa1534aceba763d6a68697f36c12e678" }, { "name": "https://github.com/argoproj/argo-cd/commit/4e2fe302c3352a0012ecbe7f03476b0e07f7fc6c", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/commit/4e2fe302c3352a0012ecbe7f03476b0e07f7fc6c" }, { "name": "https://github.com/argoproj/argo-cd/commit/53570cbd143bced49d4376d6e31bd9c7bd2659ff", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/commit/53570cbd143bced49d4376d6e31bd9c7bd2659ff" }, { "name": "https://github.com/argoproj/argo-cd/commit/6ef7b62a0f67e74b4aac2aee31c98ae49dd95d12", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/commit/6ef7b62a0f67e74b4aac2aee31c98ae49dd95d12" }, { "name": "https://github.com/argoproj/argo-cd/commit/9552034a80070a93a161bfa330359585f3b85f07", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/commit/9552034a80070a93a161bfa330359585f3b85f07" }, { "name": "https://github.com/argoproj/argo-cd/commit/bdd889d43969ba738ddd15e1f674d27964048994", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/commit/bdd889d43969ba738ddd15e1f674d27964048994" }, { "name": "https://github.com/argoproj/argo-cd/commit/f1a449e83ee73f8f14d441563b6a31b504f8d8b0", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/commit/f1a449e83ee73f8f14d441563b6a31b504f8d8b0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "argo-cd", "vendor": "argoproj", "versions": [ { "status": "affected", "version": "\u003c 2.8.19" }, { "status": "affected", "version": "\u003e= 2.9.0-rc1, \u003c 2.9.15" }, { "status": "affected", "version": "\u003e= 2.10.0-rc1, \u003c 2.10.10" }, { "status": "affected", "version": "\u003e= 2.11.0-rc1, \u003c 2.11.1" }, { "status": "affected", "version": "\u003c= 1.8.7" } ] } ], "descriptions": [ { "lang": "en", "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. This vulnerability could lead to Privilege Escalation to the level of cluster controller, or to information leakage, affecting anyone who does not have strict access controls on their Redis instance. This issue has been patched in version(s) 2.8.19, 2.9.15 and 2.10.10." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-327", "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-21T19:08:48.102Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr" }, { "name": "https://github.com/argoproj/argo-cd/commit/2de0ceade243039c120c28374016c04ff9590d1d", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/commit/2de0ceade243039c120c28374016c04ff9590d1d" }, { "name": "https://github.com/argoproj/argo-cd/commit/35a7d6c7fa1534aceba763d6a68697f36c12e678", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/commit/35a7d6c7fa1534aceba763d6a68697f36c12e678" }, { "name": "https://github.com/argoproj/argo-cd/commit/4e2fe302c3352a0012ecbe7f03476b0e07f7fc6c", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/commit/4e2fe302c3352a0012ecbe7f03476b0e07f7fc6c" }, { "name": "https://github.com/argoproj/argo-cd/commit/53570cbd143bced49d4376d6e31bd9c7bd2659ff", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/commit/53570cbd143bced49d4376d6e31bd9c7bd2659ff" }, { "name": "https://github.com/argoproj/argo-cd/commit/6ef7b62a0f67e74b4aac2aee31c98ae49dd95d12", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/commit/6ef7b62a0f67e74b4aac2aee31c98ae49dd95d12" }, { "name": "https://github.com/argoproj/argo-cd/commit/9552034a80070a93a161bfa330359585f3b85f07", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/commit/9552034a80070a93a161bfa330359585f3b85f07" }, { "name": "https://github.com/argoproj/argo-cd/commit/bdd889d43969ba738ddd15e1f674d27964048994", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/commit/bdd889d43969ba738ddd15e1f674d27964048994" }, { "name": "https://github.com/argoproj/argo-cd/commit/f1a449e83ee73f8f14d441563b6a31b504f8d8b0", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/commit/f1a449e83ee73f8f14d441563b6a31b504f8d8b0" } ], "source": { "advisory": "GHSA-9766-5277-j5hr", "discovery": "UNKNOWN" }, "title": "ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-31989", "datePublished": "2024-05-21T19:08:48.102Z", "dateReserved": "2024-04-08T13:48:37.491Z", "dateUpdated": "2024-08-02T01:59:50.839Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-31989\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-05-21T19:15:09.770\",\"lastModified\":\"2024-05-22T12:46:53.887\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. This vulnerability could lead to Privilege Escalation to the level of cluster controller, or to information leakage, affecting anyone who does not have strict access controls on their Redis instance. This issue has been patched in version(s) 2.8.19, 2.9.15 and 2.10.10.\"},{\"lang\":\"es\",\"value\":\"Argo CD es una herramienta declarativa de entrega continua de GitOps para Kubernetes. Se ha descubierto que un pod sin privilegios en un espacio de nombres diferente en el mismo cl\u00faster podr\u00eda conectarse al servidor Redis en el puerto 6379. A pesar de haber instalado la \u00faltima versi\u00f3n del complemento VPC CNI en el cl\u00faster EKS, requiere habilitaci\u00f3n manual a trav\u00e9s de la configuraci\u00f3n para aplicar pol\u00edticas de red. Esto genera preocupaci\u00f3n de que muchos clientes, sin saberlo, puedan tener acceso abierto a sus servidores Redis. Esta vulnerabilidad podr\u00eda provocar una escalada de privilegios al nivel del controlador del cl\u00faster o una fuga de informaci\u00f3n, afectando a cualquiera que no tenga controles de acceso estrictos en su instancia de Redis. Este problema se solucion\u00f3 en las versiones 2.8.19, 2.9.15 y 2.10.10.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.0,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-327\"}]}],\"references\":[{\"url\":\"https://github.com/argoproj/argo-cd/commit/2de0ceade243039c120c28374016c04ff9590d1d\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/35a7d6c7fa1534aceba763d6a68697f36c12e678\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/4e2fe302c3352a0012ecbe7f03476b0e07f7fc6c\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/53570cbd143bced49d4376d6e31bd9c7bd2659ff\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/6ef7b62a0f67e74b4aac2aee31c98ae49dd95d12\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/9552034a80070a93a161bfa330359585f3b85f07\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/bdd889d43969ba738ddd15e1f674d27964048994\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/f1a449e83ee73f8f14d441563b6a31b504f8d8b0\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr\",\"source\":\"security-advisories@github.com\"}]}}" } }
gsd-2024-31989
Vulnerability from gsd
{ "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2024-31989" ], "id": "GSD-2024-31989", "modified": "2024-04-11T05:03:20.548538Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2024-31989", "STATE": "RESERVED" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } } } }
rhsa-2024_3369
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift GitOps v1.10.6 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Errata Advisory for Red Hat OpenShift GitOps v1.10.6\n\nSecurity Fix(es):\n\n* CVE-2024-31989 argocd: unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379.\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:3369", "url": "https://access.redhat.com/errata/RHSA-2024:3369" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2280218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280218" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3369.json" } ], "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.10.6 security update", "tracking": { "current_release_date": "2024-11-06T05:59:03+00:00", "generator": { "date": "2024-11-06T05:59:03+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:3369", "initial_release_date": "2024-05-28T08:21:45+00:00", "revision_history": [ { "date": "2024-05-28T08:21:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-05-28T08:21:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T05:59:03+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift GitOps 1.10", "product": { "name": "Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift GitOps" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64", "product": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64", "product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.6-4" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x", "product_id": "openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.6-4" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le", "product_id": "openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.6-4" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.6-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.6-4" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64" }, "product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-31989", "cwe": { "id": "CWE-1240", "name": "Use of a Cryptographic Primitive with a Risky Implementation" }, "discovery_date": "2024-05-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2280218" } ], "notes": [ { "category": "description", "text": "A flaw was found in the ArgoCD Redis database server. This flaw allows an attacker with access to the Redis server to gain read/write access to the data in Redis. The attacker can also modify the \"mfst\" (manifest) key to cause ArgoCD to execute any deployment, potentially leveraging ArgoCD\u0027s high privileges to take over the cluster.", "title": "Vulnerability description" }, { "category": "summary", "text": "argocd: Use of Risky or Missing Cryptographic Algorithms in Redis Cache", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-31989" }, { "category": "external", "summary": "RHBZ#2280218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280218" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-31989", "url": "https://www.cve.org/CVERecord?id=CVE-2024-31989" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31989", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31989" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr" } ], "release_date": "2024-05-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-28T08:21:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3369" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0608ca9bc5c778b10056ce89287ebce6329ef1d15a521aa764c36be2d2c83fd6_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:4dede36872408d83618f264bbea1774f72d57c682bf5d8bbefffc120b045343c_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:64dd56354e5b7d467307beee042b329aea149caea0b03400649dc4e0ec96a024_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:f0037ac4a08f2b1d8be4c32a3f054774f07e71f0a069d3ce623552ed4924b584_arm64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1ed6d86544f6c3a295cdc17a9268cd91f79f714c6f4ab3cff94c9e66a6fe2aaa_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5cf362a5c8defc1784a752aef1384f81e8efda6318f5536a64eb90335558508c_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:688eb12e6b880ed645bb588b3adafeb4736b179a1606ddaf58f9c2de022a35f6_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:f782a2d1f8b01be13a11e651540f9791e52246a764f7627cc9fba9f84834be4a_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1a0a1f97664033388776bb04df16473f9cd5c500bed97165cedff8a7030fd868_s390x", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:58a4e77d29c5277559518d042cf84e083be1408eb397c20bcd56c3d8b80c7b1f_amd64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:c79af79d95a745692d814b2dfd01651cc658a0e4f682cfb8e50815b91b453199_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d59d44911f7f2c702524a93cafeee53475904d124313425e80fc5b5404d7873e_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:3d67cf48a48e80b2a7afcd62279ec9ccfd782ac0a28a8c8fc32d4d674fc930d7_arm64", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:655eb264bf4abcfa23dc3c15379400afcef3281514880d5152a09917fe86f322_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:6991b62c782f4ca2d133636d6cf12da3d63a799cb01e857f442800dcafe3677f_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3972e66a24fc340f5fb87d5e14afede851dbbac24061c84f94623bc826091d7_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed530db9b4a29fb591ea208cd0c6b3b83b49537ff5a0a4f501b54ce667f9b303_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:174f1e9de387d98cbbbbe90c5bdbeb3b7858ce6f43701aff7d6d72f3c7b87746_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:6a674317b6ab5a65a4abadecff028dd03ceacd0d819841afb6365d604b08b4fe_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:78bea74dee090be584bd0b9cbe4eee34083deea1a01a3b234002eafdb97cd2da_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:90225f439b88ca9db06965fd22026b053836ed06bf286b7a80c0e33bd389377f_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:15b985be0cbe682fc899666235c9475957ea6fa5512b3b7cd587a3ef5fd8bb93_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:2f773920fe6d238ac0521062bdd4bc55ada31936aec5d7ec28b562e78646a545_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:7e428454aeb35c640bb9ae607f95e523ffbead6788cdea0c8c99bd8ae9a8451a_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:cc7a542c4ee755a60c1cb688a2fac4c6887a7d89b8d9634ed7447a45023c8157_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:5a3d73268b62e644001cd7c3a99f997b83df62ae66d9dbdf336e90fd64e58128_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9a9b0fcd52a78dec186643343ca513875c9a234555e5c406580b616afc03e404_amd64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:a81faaa39945fe28a767fce051d15b8db761369994ac351b85a08aeaca0bfebd_arm64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:b3497e092e4800eb989397a335516e8773ce74ac122a58402f245e9689379f73_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2ecd43a2f7fb1a45c7f9bb3d77c7efa98b17317e92f06dd543f7e4b9ffe7b05d_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2eda7599f9454e50c60949f75447e4599d4f8a7e2a9fd37f32a1a0c4e6078fcb_amd64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:827d9ee1eb2463b489ec68f8994fa07fe2ead0255801311a0b27cc1a38b7f232_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:d7384c2354d5ebfbb25da696b269dfa460137489ea23d58bcf4a5a4c4571caec_s390x" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "argocd: Use of Risky or Missing Cryptographic Algorithms in Redis Cache" } ] }
rhsa-2024_3368
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift GitOps v1.12.3 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Errata Advisory for Red Hat OpenShift GitOps v1.12.3\n\nSecurity Fix(es):\n\n* CVE-2024-31989 argocd: unprivileged pod in a different namespace on the same cluster could connect to the Redis server.\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:3368", "url": "https://access.redhat.com/errata/RHSA-2024:3368" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2280218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280218" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3368.json" } ], "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.3 security update", "tracking": { "current_release_date": "2024-11-06T05:59:14+00:00", "generator": { "date": "2024-11-06T05:59:14+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:3368", "initial_release_date": "2024-05-28T08:22:42+00:00", "revision_history": [ { "date": "2024-05-28T08:22:42+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-05-28T08:22:42+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T05:59:14+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift GitOps 1.12", "product": { "name": "Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift GitOps" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le", "product_id": "openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.3-4" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64", "product": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64", "product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.3-4" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.3-4" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x", "product_id": "openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.3-4" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.3-4" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64" }, "product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64 as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64", "relates_to_product_reference": "8Base-GitOps-1.12" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le as a component of Red Hat OpenShift GitOps 1.12", "product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.12" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-31989", "cwe": { "id": "CWE-1240", "name": "Use of a Cryptographic Primitive with a Risky Implementation" }, "discovery_date": "2024-05-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2280218" } ], "notes": [ { "category": "description", "text": "A flaw was found in the ArgoCD Redis database server. This flaw allows an attacker with access to the Redis server to gain read/write access to the data in Redis. The attacker can also modify the \"mfst\" (manifest) key to cause ArgoCD to execute any deployment, potentially leveraging ArgoCD\u0027s high privileges to take over the cluster.", "title": "Vulnerability description" }, { "category": "summary", "text": "argocd: Use of Risky or Missing Cryptographic Algorithms in Redis Cache", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-31989" }, { "category": "external", "summary": "RHBZ#2280218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280218" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-31989", "url": "https://www.cve.org/CVERecord?id=CVE-2024-31989" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31989", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31989" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr" } ], "release_date": "2024-05-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-28T08:22:42+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3368" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:68a55e1bd9353f39a908a968308da01bd5d2c748ddd01e48690fd7704e1ad76f_amd64", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:90b9703fc05ae0fea66449f84cbed3d65e1265a94b3b9e7b56128655765481a7_s390x", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:b10bdc2d2da9da113fbc8db917475fe669f35d3a8024fa2d688720a7111392f2_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:dfc1fa067d02b42535e1a1caa76b4260e35f45420837da60fe7fa139e013192e_arm64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:42633acdcfc013a327bcd30f4fb3eb8f057587caffa52c5849d0a9d1c5e45ce5_s390x", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:755ed5fa7ec7fe6ab0eaece585de1467f75aa9a77ab1fe3a10978a856ed34e6d_amd64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:8a97de100b5377ccf3efaafcdc9b4bb6fc31ca44cb8310aab7b13c9392408201_arm64", "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:eab1fd0bbe9de639d3291202b29211016489dd008b809ea331d85135f52e17bf_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:0938da95911ba88faa3a2d6edaf02d9875f21c633e86c1a6fb261f34cb4c9605_arm64", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:1d7a9883dc35ede864197d7170929e7fbd5fed5e331785719328cb3a27ea7770_s390x", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5316dda07e6091408343a6edba9693cef522b279b135fd061d8cb79d78708b54_amd64", "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26c1ffe6fdfc7182ed1f925e552f0e4fc9d6ad4479f1fe2e1acbf0379c6a7fa_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:2d5f73229fa9c96e880f79390360626f8f43999a2264f5cb44873aa6226f8c93_s390x", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:71716eaf6e424c2c9ed15360a09a9a9a31d30afb0c3872a1d1d83068e6aaa7b9_arm64", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:84f07a0dfc6466e124cfbcddfb40bef5d1c2160ef1368cdd763e263f0dba309b_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:9357c7a93739df97d4e62e1d9e6b9ba9d3b940165f0d579070fca73a3fdb8e83_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:3da4a6840665ba50c699bf22a7258ee5f6912c589a3a1b278caa887c877bf9f2_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:56ece8c43387aac7f0abb59dd1ae150522d5bb3bdd7a9053723bdc44d6c30a17_s390x", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:736695a8d2d7e22c0a061fcd3c38bf8f4ff9fb7cae6d7ecf0b20cbfd5bccb252_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:8ad3dac8f66626104cfa06fcf913db665528923fe48b26726cfa36a826f4017d_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:e416e186379ff67d7fd8b830de8cf0ba24e004897d1a64659ab011c1b6ac0160_arm64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:05cd8f780df5189690fcf7c70a0d3f2d7472fbaf0b9b95cf9950c65e96d27984_amd64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:22b76c1375dea7b506e354c72363cfa5dc0b7073f67ca7591bae2d0816f7f547_arm64", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:3f394bcdfa8421cbf9c3ecfa47065a9c6e3b0d570cb038f5a4e5b3e908711ed6_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:74ecef2e1fd133dbd4db27d25dafc711e0a041cb53f31085a67d8e18db4e0045_s390x", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:092e6b9a6b22e3b67e3306beaed42f4ebe671c6d76ef83cb8872d8fce9904298_arm64", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2a71959e7e973f025f0e97988e8ecdcda7bd8e586abe16ec273d43b3b607a69e_s390x", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2c397a92051335f4b81874c7e6c3ae02207caeeabba8268b28a1202a673c5a85_amd64", "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:647ae1980151675b2db5275f7fbe6df809e18465531e3f917f622e77340bf3f3_ppc64le", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:2f57e391a8a521ca5676fc60c3d09dc9791ab020bcb6ac2af1469b402ed44c13_amd64", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:365e0c1afd6f37b97a2d65869301ed8d453af12082e3b9ddc839005542fa5f7e_s390x", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:a9078be71cd9e21c0f481d1c3d9a497fdf7e7b92b144294319d7229039122d31_arm64", "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:c634cc4b744bedd76eb7c170b9e27292f9afad1b193f470acd8b2ee77063bac2_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "argocd: Use of Risky or Missing Cryptographic Algorithms in Redis Cache" } ] }
rhsa-2024_3475
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift GitOps v1.11.5 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Errata Advisory for Red Hat OpenShift GitOps v1.11.5\n\nSecurity Fix(es):\n\n* CVE-2024-31989 argocd: An update is now available for Red Hat OpenShift GitOps v1.11.5 to address the CVE-2024-31989, unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379.\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:3475", "url": "https://access.redhat.com/errata/RHSA-2024:3475" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2280218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280218" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3475.json" } ], "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.5 security update", "tracking": { "current_release_date": "2024-11-06T06:01:06+00:00", "generator": { "date": "2024-11-06T06:01:06+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:3475", "initial_release_date": "2024-05-29T17:45:14+00:00", "revision_history": [ { "date": "2024-05-29T17:45:14+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-05-29T17:45:15+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T06:01:06+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift GitOps 1.11", "product": { "name": "Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift GitOps" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le", "product_id": "openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.5-3" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x", "product_id": "openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.5-3" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.5-3" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64", "product": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64", "product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.11.5-3" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.5-3" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64" }, "product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-31989", "cwe": { "id": "CWE-1240", "name": "Use of a Cryptographic Primitive with a Risky Implementation" }, "discovery_date": "2024-05-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2280218" } ], "notes": [ { "category": "description", "text": "A flaw was found in the ArgoCD Redis database server. This flaw allows an attacker with access to the Redis server to gain read/write access to the data in Redis. The attacker can also modify the \"mfst\" (manifest) key to cause ArgoCD to execute any deployment, potentially leveraging ArgoCD\u0027s high privileges to take over the cluster.", "title": "Vulnerability description" }, { "category": "summary", "text": "argocd: Use of Risky or Missing Cryptographic Algorithms in Redis Cache", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-31989" }, { "category": "external", "summary": "RHBZ#2280218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280218" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-31989", "url": "https://www.cve.org/CVERecord?id=CVE-2024-31989" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31989", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31989" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr" } ], "release_date": "2024-05-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-29T17:45:14+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3475" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:06fc8566a1cfbdb2f1ed125bd71014702e19544bb0179e301f50b739f550a4be_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f12f0675c95873771db64474d94267adc65459551f34f87981e86800dd02e_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:b4b59e8f962ddd3daf5d170726815e5e7179f167223d8b503b690e6c47146bc5_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:d94a51a1973c588321cba6d6c983f18512eeb4d1435cc2d2d11a0f655c4e6459_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:5740496753c2361e8e92c6ae10fc514f04fd4be2431937441c37d683d59a93d8_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:6120ce466454abbe0af5c595f5d5eaeba7ab8f6574a58a4e48fc75e37fb282f3_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:87533903151ce49782aaaeeffe0fd62be115e597d91ac2040305c1fa5c77c53e_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:99651d795a65cacffc34179020c152910ab7782b0d6bfadebd0d80971a501ff2_amd64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:00137bee6c32d7846f2ad59f6cb9a83cd6a3fa6c99ea5cb8e7babf43a03d90ee_arm64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:8002f248c7839ad4711786c44633df8c63cd36b17076de350db5762ecaad3d29_s390x", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:bbeb98c04cd3ba61eace67c37c4adea853d8fa5f399331ccf819dc0dcc727283_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:c6497194f930aa64f188223f49b34943e0a71dad17e7c9a6f3b46a840af28ef1_amd64", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:1c2505f0cdf01630f1601e47916a0bdbd896bcaa794f3d333206cd474edec7d1_s390x", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:4f0bd0fefebf3e1031bbe582715fa1ce94bd2ae5049dc5a832f2bea736cdffd4_amd64", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:bd06095ff4d751cc803e4e11b58a5dd13f4a4b09ae82a270c52e0aba0c5959b3_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:f8f749f0825ca82d63a7245f67928455083d99bee615182e90ea58c5bf41eff2_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:88a72e0653b7393fc6857838932415a53c1e7592203eebb8ebde5a66ea5b8bb8_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:243efd0ad21a3213d82dddd842c2518a8e30368fd8b8ebc255ed8215784961a1_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:477b4677f1f4a87c44d78c0e81ea7e312189921b70597dfed8042f4ee9cf88eb_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6c453b7135a9a3493e3aa8a95677bce041c93678b5b4c6c884c163396da426f0_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:dd4c438f7935f52b8a4eee3ef1616737af58b841d4fee9525875e49dfb19a859_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:67787e52e16eb0a1ff010a33eae05e90e35e6dda205029461b2020d6e7ee8d86_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:df921fbc40d2da42048119d869952a12d1568efc79d6f87b63a4f5616bddb572_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:eb888417cf8c3503bebc1fe2537d1a5a640d80a2a3bc2e88564cdbd46764a7c3_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:fe41a4edef343e6157551299059aeb843e530388f2964d0c8185262e4e1d7b93_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:0a2d931084570e7e007fb4ab2bce16c2943680366dc236e7d9b747c86904a4e1_amd64", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:155c354acb1e8251839fa10700d59c15522efd6b13d1fdeef58bac6b66a249e5_s390x", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:73355f71611cadf04b6733c62961805ffd2b59524afc917665f50bf3e3645613_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8d3564c0b26d6573ab33ea9a9845394396f6cc8422ab7b1108978c2be2495457_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:1ec5ee1a0051c79bf73fcabda81e3bf6464a888634a2d1d3bd50dee0385f8475_s390x", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:270f878d78cfab355b6df30341b7775420110da2ee8e5f8aa2c20b6b75dcf905_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:661885ca6e56357da49f772e5c1c704121fba789519de90ebe08699ce2a1b64c_amd64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:d9b862b94a9620a43ad17c2dec419dddf98282f7db3ef0b008761238b3e2103d_arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "argocd: Use of Risky or Missing Cryptographic Algorithms in Redis Cache" } ] }
wid-sec-w-2024-1239
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus einem unprivilegierten Pod auf demselben Cluster kann eine Schwachstelle in Red Hat OpenShift GitOps ausnutzen, um seine Privilegien zu erh\u00f6hen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1239 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1239.json" }, { "category": "self", "summary": "WID-SEC-2024-1239 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1239" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3368 vom 2024-05-28", "url": "https://access.redhat.com/errata/RHSA-2024:3368" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3369 vom 2024-05-28", "url": "https://access.redhat.com/errata/RHSA-2024:3369" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3475 vom 2024-05-29", "url": "https://access.redhat.com/errata/RHSA-2024:3475" } ], "source_lang": "en-US", "title": "Red Hat OpenShift GitOps: Schwachstelle erm\u00f6glicht Privilegieneskalation", "tracking": { "current_release_date": "2024-05-30T22:00:00.000+00:00", "generator": { "date": "2024-05-31T09:06:00.899+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1239", "initial_release_date": "2024-05-27T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-27T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-05-30T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "branches": [ { "category": "product_version_range", "name": "GitOps \u003c1.12.3", "product": { "name": "Red Hat OpenShift GitOps \u003c1.12.3", "product_id": "T035074", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:gitops__1.12.3" } } }, { "category": "product_version_range", "name": "GitOps \u003c1.10.6", "product": { "name": "Red Hat OpenShift GitOps \u003c1.10.6", "product_id": "T035075", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:gitops__1.10.6" } } } ], "category": "product_name", "name": "OpenShift" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-31989", "notes": [ { "category": "description", "text": "In Red Hat OpenShift GitOps existiert eine Schwachstelle im Zusammenhang mit dem verwendeten Redis ArgoCD Datenbankserver. Ein Angreifer von einem unprivilegierten Pod auf demselben Cluster kann Lese-/Schreibzugriff auf die Daten in Redis erlangen. Dies erlaubt es dem Angreifer, den \"mfst\"-Schl\u00fcssel (manifest) so zu ver\u00e4ndern, dass ArgoCD beliebige Deployments ausf\u00fchrt und potenziell die Kontrolle \u00fcber den Cluster zu \u00fcbernehmen." } ], "product_status": { "known_affected": [ "67646" ] }, "release_date": "2024-05-27T22:00:00Z", "title": "CVE-2024-31989" } ] }
ghsa-9766-5277-j5hr
Vulnerability from github
Summary
By default, the Redis database server is not password-protected. Consequently, an attacker with access to the Redis server can gain read/write access to the data in Redis. The attacker can also modify the "mfst" (manifest) key to cause ArgoCD to execute any deployment, potentially leveraging ArgoCD's high privileges to take over the cluster. Updating the "cacheEntryHash" in the manifest JSON is necessary, but since it doesn't use a private key for signing its integrity, a simple script can generate a new FNV64a hash matching the new manifest values. The repo-server, unable to verify if its cache is compromised, will read the altered "mfst" key and initiate an update process for the injected deployment.
It's also possible to edit the "app|resources-tree" key, causing the ArgoCD server to load any Kubernetes resource into the live manifest section of the app preview. This could lead to an information leak.
The fact that the cache in Redis is neither signed nor validated, combined with Redis's default lack of password protection, presents a significant security concern given ArgoCD's high-level permissions within the cluster. A security update should ensure all Redis database values are signed or encrypted.
Details
We began by deploying ArgoCD on an EKS cluster. Surprisingly, we discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. This was unexpected, as we had observed network policy rules restricting access to the Redis server to only the pods application-controller, repo-server, and argocd-server. We later realized that, despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. We also know your recommendation on this page Argo CD - Secret Management, to enable the network policy plugin. Further investigation revealed that any pod within my cluster could connect to the Redis server by resolving its address using the Kubernetes DNS server. Exploring the contents of the Redis server, we found that we could edit the 'mfst' value of the latest revision. By updating the “cacheEntryHash”, we made the repo-server accept it as a legitimate cache, leading ArgoCD to apply this configuration. These tests were conducted using the default configuration, with regular ArgoCD and ArgoCD via helm deployment. This scenario presents a viable attack path, enabling any pod with access to the cluster to potentially exploit ArgoCD's high permissions and take over the cluster. We believe there is a critical need to enhance the security of the cache and its components. Given that many clients likely use ArgoCD in a plug-and-play manner, they could be exposed to significant risk. I am willing to offer assistance or answer any questions you might have.
PoC
We tested this using the latest version of ArgoCD, configured with default settings. ArgoCD was installed either by applying a YAML file or through Helm. We wrote a few Go programs to decompress the Redis values and regenerate the "cacheEntryHash", but these programs were relatively straightforward.
To modify the cluster deployment, you can alter the "mfst" key of the latest revision. For instance, add the following line:
json
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"labels":{"app.kubernetes.io/instance":"myapp1"},"name":"everything-allowed"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"everything-allowed"}},"template":{"metadata":{"labels":{"app":"everything-allowed"}},"spec":{"containers":[{"args":["while true; do sleep 30; done;"],"command":["/bin/sh","-c","--"],"image":"ubuntu","name":"everything-allowed-pod","securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/host","name":"noderoot"}]}],"hostIPC":true,"hostNetwork":true,"hostPID":true,"volumes":[{"hostPath":{"path":"/"},"name":"noderoot"}]}}}
This addition creates a highly privileged pod.
To cause the web page to load a different Kubernetes resource in the "Live Manifest", edit the "app|resources-tree" manifest. Modify one of the component's kind, namespace, and name. Upon reloading the web page and clicking on the newly created asset, an error message appears: "Unable to load data: argocd-secret not found as part of application myapp." However, the resource's description is still transmitted to the browser, as seen in this URL format:
https://127.0.0.1:8081/api/v1/applications/myapp/resource?name=argocd-secret&appNamespace=argocd&namespace=argocd&resourceName=argocd-secret&version=v1&kind=Secret&group=
This situation results in information leakage.
Impact
This vulnerability could lead to Privilege Escalation to the level of cluster controller, or to information leakage, affecting anyone who does not have strict access controls on their Redis instance.
{ "affected": [ { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd/v2" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2.8.19" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd/v2" }, "ranges": [ { "events": [ { "introduced": "2.9.0-rc1" }, { "fixed": "2.9.15" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd/v2" }, "ranges": [ { "events": [ { "introduced": "2.10.0-rc1" }, { "fixed": "2.10.10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd/v2" }, "ranges": [ { "events": [ { "introduced": "2.11.0-rc1" }, { "fixed": "2.11.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd" }, "ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "1.8.7" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2024-31989" ], "database_specific": { "cwe_ids": [ "CWE-327" ], "github_reviewed": true, "github_reviewed_at": "2024-05-21T18:07:09Z", "nvd_published_at": "2024-05-21T19:15:09Z", "severity": "CRITICAL" }, "details": "### Summary\nBy default, the Redis database server is not password-protected. Consequently, an attacker with access to the Redis server can gain read/write access to the data in Redis. The attacker can also modify the \"mfst\" (manifest) key to cause ArgoCD to execute any deployment, potentially leveraging ArgoCD\u0027s high privileges to take over the cluster. Updating the \"cacheEntryHash\" in the manifest JSON is necessary, but since it doesn\u0027t use a private key for signing its integrity, a simple script can generate a new FNV64a hash matching the new manifest values. The repo-server, unable to verify if its cache is compromised, will read the altered \"mfst\" key and initiate an update process for the injected deployment.\n\nIt\u0027s also possible to edit the \"app|resources-tree\" key, causing the ArgoCD server to load any Kubernetes resource into the live manifest section of the app preview. This could lead to an information leak.\n\nThe fact that the cache in Redis is neither signed nor validated, combined with Redis\u0027s default lack of password protection, presents a significant security concern given ArgoCD\u0027s high-level permissions within the cluster. A security update should ensure all Redis database values are signed or encrypted.\n\n\n### Details\nWe began by deploying ArgoCD on an EKS cluster. Surprisingly, we discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. This was unexpected, as we had observed network policy rules restricting access to the Redis server to only the pods application-controller, repo-server, and argocd-server. We later realized that, despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. We also know your recommendation on this page [Argo CD - Secret Management](https://argo-cd.readthedocs.io/en/stable/operator-manual/secret-management/#mitigating-risks-of-secret-injection-plugins), to enable the network policy plugin.\nFurther investigation revealed that any pod within my cluster could connect to the Redis server by resolving its address using the Kubernetes DNS server. Exploring the contents of the Redis server, we found that we could edit the \u0027mfst\u0027 value of the latest revision. By updating the \u201ccacheEntryHash\u201d, we made the repo-server accept it as a legitimate cache, leading ArgoCD to apply this configuration.\nThese tests were conducted using the default configuration, with regular ArgoCD and ArgoCD via helm deployment. This scenario presents a viable attack path, enabling any pod with access to the cluster to potentially exploit ArgoCD\u0027s high permissions and take over the cluster. We believe there is a critical need to enhance the security of the cache and its components. Given that many clients likely use ArgoCD in a plug-and-play manner, they could be exposed to significant risk. I am willing to offer assistance or answer any questions you might have.\n\n\n### PoC\nWe tested this using the latest version of ArgoCD, configured with default settings. ArgoCD was installed either by applying a YAML file or through Helm. We wrote a few Go programs to decompress the Redis values and regenerate the \"cacheEntryHash\", but these programs were relatively straightforward.\n\nTo modify the cluster deployment, you can alter the \"mfst\" key of the latest revision. For instance, add the following line:\n\n```json\n{\"apiVersion\":\"apps/v1\",\"kind\":\"Deployment\",\"metadata\":{\"labels\":{\"app.kubernetes.io/instance\":\"myapp1\"},\"name\":\"everything-allowed\"},\"spec\":{\"replicas\":1,\"selector\":{\"matchLabels\":{\"app\":\"everything-allowed\"}},\"template\":{\"metadata\":{\"labels\":{\"app\":\"everything-allowed\"}},\"spec\":{\"containers\":[{\"args\":[\"while true; do sleep 30; done;\"],\"command\":[\"/bin/sh\",\"-c\",\"--\"],\"image\":\"ubuntu\",\"name\":\"everything-allowed-pod\",\"securityContext\":{\"privileged\":true},\"volumeMounts\":[{\"mountPath\":\"/host\",\"name\":\"noderoot\"}]}],\"hostIPC\":true,\"hostNetwork\":true,\"hostPID\":true,\"volumes\":[{\"hostPath\":{\"path\":\"/\"},\"name\":\"noderoot\"}]}}}\n```\n\nThis addition creates a highly privileged pod.\n\nTo cause the web page to load a different Kubernetes resource in the \"Live Manifest\", edit the \"app|resources-tree\" manifest. Modify one of the component\u0027s kind, namespace, and name. Upon reloading the web page and clicking on the newly created asset, an error message appears: \"Unable to load data: argocd-secret not found as part of application myapp.\" However, the resource\u0027s description is still transmitted to the browser, as seen in this URL format:\n\n```\nhttps://127.0.0.1:8081/api/v1/applications/myapp/resource?name=argocd-secret\u0026appNamespace=argocd\u0026namespace=argocd\u0026resourceName=argocd-secret\u0026version=v1\u0026kind=Secret\u0026group=\n```\n\nThis situation results in information leakage.\n\n### Impact\nThis vulnerability could lead to Privilege Escalation to the level of cluster controller, or to information leakage, affecting anyone who does not have strict access controls on their Redis instance.", "id": "GHSA-9766-5277-j5hr", "modified": "2024-05-22T13:26:07Z", "published": "2024-05-21T18:07:09Z", "references": [ { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31989" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/2de0ceade243039c120c28374016c04ff9590d1d" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/35a7d6c7fa1534aceba763d6a68697f36c12e678" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/4e2fe302c3352a0012ecbe7f03476b0e07f7fc6c" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/53570cbd143bced49d4376d6e31bd9c7bd2659ff" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/6ef7b62a0f67e74b4aac2aee31c98ae49dd95d12" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/9552034a80070a93a161bfa330359585f3b85f07" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/bdd889d43969ba738ddd15e1f674d27964048994" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/f1a449e83ee73f8f14d441563b6a31b504f8d8b0" }, { "type": "PACKAGE", "url": "https://github.com/argoproj/argo-cd" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "type": "CVSS_V3" } ], "summary": "ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache" }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.